Analysis
max time kernel: 3s
max time network: 8s
platform: windows7_x64
resource: win7v20201028
submitted: 17-12-2020 14:50
Behavioral task: behavioral1
Sample: 5555555555.dll
Resource: win7v20201028, windows7_x64
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: 5555555555.dll
Resource: win10v20201028, windows10_x64
0 signatures
0 seconds
General
Target: 5555555555.dll
Size: 2.2MB
MD5: d93e664851c7d28b2aa4e024ce820a83
SHA1: 0ade1f8c1072e9828eba8a1c99a25a748086795e
SHA256: c503aa1dbf3c19582320dd843867711ac3565adb1ef0a3b0d73cfc90a4a3cd21
SHA512: 0d0f7cea9e8455020dcdb0da012f3820e4ba4c3f0fefa11b1884b2908cfc5ebb101391dbadddbe014bdbe11e40b27a8b1d35931ce04bb9ce96848be8565d6d55
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe

description                       pid   process       target process
PID 1696 wrote to memory of 1664  1696  rundll32.exe  rundll32.exe
PID 1696 wrote to memory of 1664  1696  rundll32.exe  rundll32.exe
PID 1696 wrote to memory of 1664  1696  rundll32.exe  rundll32.exe
PID 1696 wrote to memory of 1664  1696  rundll32.exe  rundll32.exe
PID 1696 wrote to memory of 1664  1696  rundll32.exe  rundll32.exe
PID 1696 wrote to memory of 1664  1696  rundll32.exe  rundll32.exe
PID 1696 wrote to memory of 1664  1696  rundll32.exe  rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/1664-2-0x0000000000000000-mapping.dmp