Analysis
max time kernel: 3s
max time network: 11s
platform: windows7_x64
resource: win7v20201028
submitted: 09-11-2020 19:27
Static task: static1
Behavioral task: behavioral1
  Sample: file.dll
  Resource: win7v20201028, windows7_x64
  0 signatures, 0 seconds
Behavioral task: behavioral2
  Sample: file.dll
  Resource: win10v20201028, windows10_x64
  0 signatures, 0 seconds
General
Target: file.dll
Size: 166KB
MD5: 5e133a8e4d10eed0ebaacc568447d8f8
SHA1: f4ffc63890c46035348819a6eb1d7f9ed8bf84c7
SHA256: 89f9499b3426a05ce92301481d038fe4779549c30f38c45556cbdb2558a18944
SHA512: f992b586416da3dcac34473164d69508a4146b003dd0ad6ebb0dd70868367511506d5f2f4f4bea1d89b1719f715df3f6bb95aa1ea0bfc9517527a8f96cd00651
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe
description                        pid   process        target process
PID 596 wrote to memory of 1072    596   rundll32.exe   rundll32.exe
PID 596 wrote to memory of 1072    596   rundll32.exe   rundll32.exe
PID 596 wrote to memory of 1072    596   rundll32.exe   rundll32.exe
PID 596 wrote to memory of 1072    596   rundll32.exe   rundll32.exe
PID 596 wrote to memory of 1072    596   rundll32.exe   rundll32.exe
PID 596 wrote to memory of 1072    596   rundll32.exe   rundll32.exe
PID 596 wrote to memory of 1072    596   rundll32.exe   rundll32.exe
Downloads
memory/1072-0-0x0000000000000000-mapping.dmp