Analysis
max time kernel: 4s
max time network: 12s
platform: windows7_x64
resource: win7v20201028
submitted: 08-01-2021 14:47
Static task: static1

Behavioral task: behavioral1
Sample: testtabDll32.dll
Resource: win7v20201028 (windows7_x64)
0 signatures, 0 seconds

Behavioral task: behavioral2
Sample: testtabDll32.dll
Resource: win10v20201028 (windows10_x64)
0 signatures, 0 seconds
General
Target: testtabDll32.dll
Size: 625KB
MD5: d6e0c345f3abc33f2bb4e4ba41f01b1f
SHA1: e8cb7de0c5260772ea1042c957d3fdbe445fa025
SHA256: e799e731544a2516301735429bebfefd215ed782b1aa827a62d857d692e41560
SHA512: 342edcb7ebbe01747b264a070141120880ff35104c0a2684c7268d1bf7795381ddbbe0a090eba7f7d5ab99453b748ec8afcad9e4003f90780afbbf4b9d5e25c1
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe

description                       pid   process       target process
PID 1584 wrote to memory of 1852  1584  rundll32.exe  rundll32.exe
PID 1584 wrote to memory of 1852  1584  rundll32.exe  rundll32.exe
PID 1584 wrote to memory of 1852  1584  rundll32.exe  rundll32.exe
PID 1584 wrote to memory of 1852  1584  rundll32.exe  rundll32.exe
PID 1584 wrote to memory of 1852  1584  rundll32.exe  rundll32.exe
PID 1584 wrote to memory of 1852  1584  rundll32.exe  rundll32.exe
PID 1584 wrote to memory of 1852  1584  rundll32.exe  rundll32.exe