27dd13f1594175d1084205aea35467b025be2f0616fbf9dcd1b13bddc970640c | Triage

Analysis

max time kernel
23s
max time network
111s
platform
windows10_x64
resource
win10v20201028
submitted
08-04-2021 05:20

Sharing

Report Analysis Logs

General

Target

F3BIETBP.dll.694C9C0C_64EF_4653_AE1B_D65BADBFFC87.dll
Size

29KB
MD5

df5f91d83669b9125b1f572345812cd5
SHA1

f113fbce6ade0d73e7268ff663e0412736ba537e
SHA256

8ae9fd1686ce101915bc5fc2950055e9aa40e05df6f119f99c1f4f4e476f9647
SHA512

fb62c935cdb7d7f42c395176bd66ab11417c6dafa4951c5e1828c77ef9ef0e38525d85e8b4651663c808ef7d481e8e8a95e9d4945b6b961b551dfdd4114cc101

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 696 wrote to memory of 1484	696	rundll32.exe	rundll32.exe
PID 696 wrote to memory of 1484	696	rundll32.exe	rundll32.exe
PID 696 wrote to memory of 1484	696	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\F3BIETBP.dll.694C9C0C_64EF_4653_AE1B_D65BADBFFC87.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:696

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\F3BIETBP.dll.694C9C0C_64EF_4653_AE1B_D65BADBFFC87.dll,#1
2⤵
PID:1484

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1484-2-0x0000000000000000-mapping.dmp

Download