Analysis
max time kernel: 13s
max time network: 112s
platform: windows10_x64
resource: win10v20201028
submitted: 26-01-2021 23:54
Static task
static1
Behavioral task
behavioral1
Sample
aretmrytntm.sqj.dll
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
aretmrytntm.sqj.dll
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
Target: aretmrytntm.sqj.dll
Size: 330KB
MD5: 824fd8be213246bef034dffc574a9579
SHA1: 8254291e676e83e7ec92370e67ad0a08014ab52b
SHA256: a7979541a188f04dfa7f2981e0dcabc700da73422ce7ce43c9fce5896eb5085c
SHA512: 51e481347ea6d415657c8f1bd05440d0b01dfe1e42b1df93d0afa0a0b6ee0e7d12cd4d017f6234863554da853f2ab309c25fdf3952eb432a756a31a1c8cb6f98
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 816 wrote to memory of 1028 | 816 | rundll32.exe | rundll32.exe
PID 816 wrote to memory of 1028 | 816 | rundll32.exe | rundll32.exe
PID 816 wrote to memory of 1028 | 816 | rundll32.exe | rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/1028-2-0x0000000000000000-mapping.dmp