Analysis
max time kernel: 52s
max time network: 55s
platform: windows7_x64
resource: win7v20201028
submitted: 09-11-2020 19:27
Static task: static1
Behavioral task: behavioral1
  Sample: file.dll
  Resource: win7v20201028, windows7_x64
  0 signatures, 0 seconds
Behavioral task: behavioral2
  Sample: file.dll
  Resource: win10v20201028, windows10_x64
  0 signatures, 0 seconds
General
Target: file.dll
Size: 164KB
MD5: 708ef2feaf6fc35f33486111d9c0f97b
SHA1: 9d91bfe8fd44ff1d75551807017e634c2b7580d1
SHA256: 23d7cd4b0535b40662dc211b4ae28c4b5383c66b4b686064bd391a259da80d48
SHA512: 35db49ab278f1c78d7193e8c75d07fd9d66bab62a7f140b451f03b9fe49138525d92ffe08cd155ae4b6ceec4eca91f2253fba71ddf1af5cb6f701d9b3899d04f
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 1916 wrote to memory of 1256 | 1916 | rundll32.exe | rundll32.exe
PID 1916 wrote to memory of 1256 | 1916 | rundll32.exe | rundll32.exe
PID 1916 wrote to memory of 1256 | 1916 | rundll32.exe | rundll32.exe
PID 1916 wrote to memory of 1256 | 1916 | rundll32.exe | rundll32.exe
PID 1916 wrote to memory of 1256 | 1916 | rundll32.exe | rundll32.exe
PID 1916 wrote to memory of 1256 | 1916 | rundll32.exe | rundll32.exe
PID 1916 wrote to memory of 1256 | 1916 | rundll32.exe | rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/1256-0-0x0000000000000000-mapping.dmp