Analysis
max time kernel: 13s
max time network: 21s
platform: windows10_x64
resource: win10v20201028
submitted: 22-01-2021 08:54
Static task: static1
Behavioral task: behavioral1
Sample: ekluozek.kwe.dll
Resource: win10v20201028
windows10_x64
0 signatures
0 seconds
General
Target: ekluozek.kwe.dll
Size: 330KB
MD5: 8dd56158c19ca50f58de0bdf921dd8c8
SHA1: da8d025461a720a4a8b5a8bc25a7ebd53f0340b6
SHA256: be84e3796d98803e8e0d8bc8577e182fceeab42213d4c02fbfad35c5e9674f58
SHA512: 880fc3bb186799dafd14742fcfaf81ad7607c4c8be1f4453faca03574aa0d21d452830b0f1f336bb8ea45393bbb8981be4d99fc2fe82b5f25db501bfdd690f8a
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description                         pid    process        target process
PID 3888 wrote to memory of 3812    3888   rundll32.exe   rundll32.exe
PID 3888 wrote to memory of 3812    3888   rundll32.exe   rundll32.exe
PID 3888 wrote to memory of 3812    3888   rundll32.exe   rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/3812-2-0x0000000000000000-mapping.dmp