Analysis
max time kernel: 116s
max time network: 117s
platform: windows7_x64
resource: win7v20201028
submitted: 17-11-2020 11:24
Static task: static1
Behavioral task: behavioral1
Sample: 7734910dc93d796a38d8c55dd56f0261.dll
Resource: win7v20201028
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: 7734910dc93d796a38d8c55dd56f0261.dll
Resource: win10v20201028
0 signatures
0 seconds
General
Target: 7734910dc93d796a38d8c55dd56f0261.dll
Size: 207KB
MD5: 9adfcae3f2d82d6e43eea400fb05634e
SHA1: 734167a7357103a102c5127918fe5247f117263f
SHA256: f31acdffde4984697bac5031fa678121d0163c792e1325c7a6b9c4d753a1551b
SHA512: 5ed8937453b9086c827ebed0c808f0a6441adaf87234b94fa296c7d5a0033e26d06057d9889015f498704b1a166648732c775cc039b8fa3bd7a64ed5ec5f6e40
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 760 wrote to memory of 1844 | 760 | rundll32.exe | rundll32.exe
PID 760 wrote to memory of 1844 | 760 | rundll32.exe | rundll32.exe
PID 760 wrote to memory of 1844 | 760 | rundll32.exe | rundll32.exe
PID 760 wrote to memory of 1844 | 760 | rundll32.exe | rundll32.exe
PID 760 wrote to memory of 1844 | 760 | rundll32.exe | rundll32.exe
PID 760 wrote to memory of 1844 | 760 | rundll32.exe | rundll32.exe
PID 760 wrote to memory of 1844 | 760 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\7734910dc93d796a38d8c55dd56f0261.dll,#11⤵
  - Suspicious use of WriteProcessMemory
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\7734910dc93d796a38d8c55dd56f0261.dll,#12⤵
Network
MITRE ATT&CK Matrix
Downloads
- memory/1844-0-0x0000000000000000-mapping.dmp