Analysis
max time kernel: 87s
max time network: 141s
platform: windows10_x64
resource: win10
submitted: 27-10-2020 06:33
Static task: static1
Behavioral task: behavioral1
Sample: ggf.dll
Resource: win7 (windows7_x64)
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: ggf.dll
Resource: win10 (windows10_x64)
0 signatures
0 seconds
General
Target: ggf.dll
Size: 667KB
MD5: 3f4b7d537973a560df0898d821697f85
SHA1: a811b3af1cd710cb175e27faf97a66cf51ec18af
SHA256: bc8dc839be99fa4411ee9b7fb8e042095a324d0d1400ca1545924894ec143ec5
SHA512: e65a94d4b4a18ac4ac2fe722e2d6098f9b78b0d9b4f702977e2baff823f7c6b4c4a536de18c635d25662ae768efbee90b659073262196d36add52a5dec9ea498
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 388 wrote to memory of 4012 | 388 | rundll32.exe | rundll32.exe
PID 388 wrote to memory of 4012 | 388 | rundll32.exe | rundll32.exe
PID 388 wrote to memory of 4012 | 388 | rundll32.exe | rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/4012-0-0x0000000000000000-mapping.dmp