Analysis
max time kernel: 4s
max time network: 19s
platform: windows7_x64
resource: win7v20201028
submitted: 09-11-2020 19:26
Static task
static1
Behavioral task
behavioral1
Sample
file.dll
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
file.dll
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
Target: file.dll
Size: 166KB
MD5: 9e9b0ef4fc739c3eb36a762122451992
SHA1: 035fe67a3d04f0a678724851cabc917b28416fe1
SHA256: 0ee7783213426a5e46bc11a91acf5f2d73890bb09bbf4f3b932a4b79eeb6b820
SHA512: 01435694c0941b004584d40c3d11866e8f319445ed937095d9777911bd6f36c6bd9449b4effa369120cf6ded9de9a375719e256c6f8380bd5fbd4f4ca0c6d715
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 7 IoCs
Processes: rundll32.exe
description                        pid    process        target process
PID 1056 wrote to memory of 1768   1056   rundll32.exe   rundll32.exe
PID 1056 wrote to memory of 1768   1056   rundll32.exe   rundll32.exe
PID 1056 wrote to memory of 1768   1056   rundll32.exe   rundll32.exe
PID 1056 wrote to memory of 1768   1056   rundll32.exe   rundll32.exe
PID 1056 wrote to memory of 1768   1056   rundll32.exe   rundll32.exe
PID 1056 wrote to memory of 1768   1056   rundll32.exe   rundll32.exe
PID 1056 wrote to memory of 1768   1056   rundll32.exe   rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/1768-0-0x0000000000000000-mapping.dmp