Analysis
-
max time kernel
130s
-
max time network
145s
-
platform
windows7_x64
-
resource
win7v20201028
-
submitted
09-11-2020 19:28
Static task
static1
Behavioral task
behavioral1
Sample
file.dll
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
file.dll
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
-
Target
file.dll
-
Size
164KB
-
MD5
2f40bf5768d6c648145fe304fbdb2558
-
SHA1
251e8da7b311d7a7180391b74c8a93235104378b
-
SHA256
9f9ec018f395592b0cd8726972e6bf1400eeb13b8535cf314de5f135bb65fdec
-
SHA512
89530400d93859cae6fe99aa704f153022056f758a13ea0d7ac1d86c3898b0d6878e2d3e5fdbc9ed41e2c8d640cae4c4f394859ea44e52e5e0e3258c9f3161e7
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 1056 wrote to memory of 2004 | 1056 | rundll32.exe | rundll32.exe
PID 1056 wrote to memory of 2004 | 1056 | rundll32.exe | rundll32.exe
PID 1056 wrote to memory of 2004 | 1056 | rundll32.exe | rundll32.exe
PID 1056 wrote to memory of 2004 | 1056 | rundll32.exe | rundll32.exe
PID 1056 wrote to memory of 2004 | 1056 | rundll32.exe | rundll32.exe
PID 1056 wrote to memory of 2004 | 1056 | rundll32.exe | rundll32.exe
PID 1056 wrote to memory of 2004 | 1056 | rundll32.exe | rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
memory/2004-0-0x0000000000000000-mapping.dmp