Analysis
max time kernel: 34s
max time network: 35s
platform: windows7_x64
resource: win7v20201028
submitted: 23-02-2021 12:38
Static task: static1
Behavioral task: behavioral1
Sample: 58649040d27e68df67db363c47e46e9a5300589d3f0301b9db9d0ad9e67a1883.dll
Resource: win7v20201028 windows7_x64
0 signatures
0 seconds
General
Target: 58649040d27e68df67db363c47e46e9a5300589d3f0301b9db9d0ad9e67a1883.dll
Size: 184KB
MD5: 204c4edc81171112069b8aed94716272
SHA1: d721ff31dea810844ae4910011a72979026818ad
SHA256: 58649040d27e68df67db363c47e46e9a5300589d3f0301b9db9d0ad9e67a1883
SHA512: 627a5fd1ee6bbf5b561e5b214e9c85ef3a4d3bb3d327911b0df06c3e750260d136c103e158745b3cf1b09a69db3604daaaca238ac43caa99f54a08b75b7802c4
Score: 1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 2004 wrote to memory of 2036 | 2004 | rundll32.exe | rundll32.exe
PID 2004 wrote to memory of 2036 | 2004 | rundll32.exe | rundll32.exe
PID 2004 wrote to memory of 2036 | 2004 | rundll32.exe | rundll32.exe
PID 2004 wrote to memory of 2036 | 2004 | rundll32.exe | rundll32.exe
PID 2004 wrote to memory of 2036 | 2004 | rundll32.exe | rundll32.exe
PID 2004 wrote to memory of 2036 | 2004 | rundll32.exe | rundll32.exe
PID 2004 wrote to memory of 2036 | 2004 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe rundll32.exe C:\Users\Admin\AppData\Local\Temp\58649040d27e68df67db363c47e46e9a5300589d3f0301b9db9d0ad9e67a1883.dll,#11⤵
- Suspicious use of WriteProcessMemory
- C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\Admin\AppData\Local\Temp\58649040d27e68df67db363c47e46e9a5300589d3f0301b9db9d0ad9e67a1883.dll,#12⤵