Analysis
max time kernel: 14s
max time network: 110s
platform: windows10_x64
resource: win10v20201028
submitted: 29-01-2021 12:29
Static task
static1
Behavioral task
behavioral1
Sample
pol.exe.dll
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
pol.exe.dll
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
Target: pol.exe.dll
Size: 330KB
MD5: 8abc46f4ec219b16a01efb6d821a8b35
SHA1: 88ba80faffe4d8a3b8e278c42918a7deab346346
SHA256: 6a3bad3772d7c915670fc4f4ec7f7fd859ce290f003a1c1712f212a69f53775d
SHA512: 6abbe3406beadb839d2af455bddd8a94b0a402b0048b2d2c2a8b58d4af5d452b6145872a91449fcf7740bc6d0e40f24496730c5d5ddeedfb260f2b8ead230bfd
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
Processes:
rundll32.exe
description | pid | process | target process
PID 3928 wrote to memory of 744 | 3928 | rundll32.exe | rundll32.exe
PID 3928 wrote to memory of 744 | 3928 | rundll32.exe | rundll32.exe
PID 3928 wrote to memory of 744 | 3928 | rundll32.exe | rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/744-2-0x0000000000000000-mapping.dmp