Analysis
max time kernel: 23s
max time network: 24s
platform: windows7_x64
resource: win7v20201028
submitted: 23-02-2021 12:38
Static task
static1
Behavioral task
behavioral1
Sample
7cb2d1ec1764fb23c38a6f48f1eaa61d014bfb970ac4f7c764bb6695e31fe56a.dll
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
General
Target: 7cb2d1ec1764fb23c38a6f48f1eaa61d014bfb970ac4f7c764bb6695e31fe56a.dll
Size: 184KB
MD5: 6294f9ac7297a0ac25f8d4f9f46d3ab4
SHA1: 5762c4492041ab7f5bf4611a88d38f6fb0c33590
SHA256: 7cb2d1ec1764fb23c38a6f48f1eaa61d014bfb970ac4f7c764bb6695e31fe56a
SHA512: 4b326730f600f058464b3b7a42384668a43af92849d3ea04e217cd7fa974f8f35f68f590966e305df4daca2543ec59e9745e7e79fa6733a6bf93e9bb5fc11c57
Score: 1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (7 IoCs)
Processes:
rundll32.exe
description | pid | process | target process
PID 1944 wrote to memory of 1412 | 1944 | rundll32.exe | rundll32.exe
PID 1944 wrote to memory of 1412 | 1944 | rundll32.exe | rundll32.exe
PID 1944 wrote to memory of 1412 | 1944 | rundll32.exe | rundll32.exe
PID 1944 wrote to memory of 1412 | 1944 | rundll32.exe | rundll32.exe
PID 1944 wrote to memory of 1412 | 1944 | rundll32.exe | rundll32.exe
PID 1944 wrote to memory of 1412 | 1944 | rundll32.exe | rundll32.exe
PID 1944 wrote to memory of 1412 | 1944 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\7cb2d1ec1764fb23c38a6f48f1eaa61d014bfb970ac4f7c764bb6695e31fe56a.dll,#11
  - Suspicious use of WriteProcessMemory
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\7cb2d1ec1764fb23c38a6f48f1eaa61d014bfb970ac4f7c764bb6695e31fe56a.dll,#12