Analysis
max time kernel: 5s
max time network: 13s
platform: windows7_x64
resource: win7v20201028
submitted: 09-11-2020 20:37
Static task: static1
Behavioral task: behavioral1
Sample: pk9rEyAv.exe.dll
Resource: win7v20201028, windows7_x64
0 signatures, 0 seconds
Behavioral task: behavioral2
Sample: pk9rEyAv.exe.dll
Resource: win10v20201028, windows10_x64
0 signatures, 0 seconds
General
Target: pk9rEyAv.exe.dll
Size: 115KB
MD5: 3da6484a1a8f6672a79b23810c6e79cb
SHA1: bd452d1c9431344fbd9c95e0d520a87015b8efad
SHA256: ddf74c11fc2d7aa8e26404ea318b40070e29b49cf977f0ef76b1e04fa2e8f2e7
SHA512: 5928ea70eaaae41792de72af682045a56405d3d851a60016115b9a556174fdb759477271d312825770088eac591b9fe1d126fac68efbbd8d391082b101ef1336
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe
description                        pid    process        target process
PID 1876 wrote to memory of 2040   1876   rundll32.exe   rundll32.exe
PID 1876 wrote to memory of 2040   1876   rundll32.exe   rundll32.exe
PID 1876 wrote to memory of 2040   1876   rundll32.exe   rundll32.exe
PID 1876 wrote to memory of 2040   1876   rundll32.exe   rundll32.exe
PID 1876 wrote to memory of 2040   1876   rundll32.exe   rundll32.exe
PID 1876 wrote to memory of 2040   1876   rundll32.exe   rundll32.exe
PID 1876 wrote to memory of 2040   1876   rundll32.exe   rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/2040-0-0x0000000000000000-mapping.dmp