Analysis
max time kernel: 3s
max time network: 9s
platform: windows7_x64
resource: win7v20201028
submitted: 09-11-2020 19:27
Static task: static1

Behavioral task: behavioral1
Sample: file.dll
Resource: win7v20201028 (windows7_x64)
0 signatures, 0 seconds

Behavioral task: behavioral2
Sample: file.dll
Resource: win10v20201028 (windows10_x64)
0 signatures, 0 seconds
General
Target: file.dll
Size: 164KB
MD5: d017828944f5365b17520051ac994d03
SHA1: 7a5b42b5645b9685dc3864a860dd3f4a042ffc50
SHA256: 22e6baf4d3e4dba5f6f3ab349700d0169eeeb4a989b20b64a6aefba8be9fa64a
SHA512: 58e259497c0cc3bec6527685d33afa9137fcb5640be1c57b390a2ef69b1878d34f72723f5587d984d84a5b5558961a8731285b4cf3c3b733a931bd6a4d8eb4c0
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe

description                        pid    process        target process
PID 1912 wrote to memory of 1884   1912   rundll32.exe   rundll32.exe
PID 1912 wrote to memory of 1884   1912   rundll32.exe   rundll32.exe
PID 1912 wrote to memory of 1884   1912   rundll32.exe   rundll32.exe
PID 1912 wrote to memory of 1884   1912   rundll32.exe   rundll32.exe
PID 1912 wrote to memory of 1884   1912   rundll32.exe   rundll32.exe
PID 1912 wrote to memory of 1884   1912   rundll32.exe   rundll32.exe
PID 1912 wrote to memory of 1884   1912   rundll32.exe   rundll32.exe
Downloads
memory/1884-0-0x0000000000000000-mapping.dmp