Analysis

  • max time kernel
    3s
  • max time network
    12s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    06-11-2020 11:30

General

  • Target

    0856bff07c493916b93bcdf3cf6eef6b2341720e9fbe1fc44a33c03e88728a5a.dll

  • Size

    354KB

  • MD5

    4984d8b44e60501d23606a4ffcd6547c

  • SHA1

    bb9d88cadeeb6f3be85f66ae00d3e81ba803bf70

  • SHA256

    0856bff07c493916b93bcdf3cf6eef6b2341720e9fbe1fc44a33c03e88728a5a

  • SHA512

    2c5667c19b79565ad66bd0bd1e61a67a0f522fec175eb20834928ed44710f5efdb356dfb472cc850c8b1a4f46f508b424c23b8c0261766c39a08f91b5b380969

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\0856bff07c493916b93bcdf3cf6eef6b2341720e9fbe1fc44a33c03e88728a5a.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1900
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\0856bff07c493916b93bcdf3cf6eef6b2341720e9fbe1fc44a33c03e88728a5a.dll,#1
      2⤵
        PID:1344

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1344-0-0x0000000000000000-mapping.dmp