Overview

overview

10

Static

static

10

2ca64feaaf...f6.dll

windows7_x64

1

2ca64feaaf...f6.dll

windows10_x64

10

Resubmissions

06-08-2021 11:10

210806-nryv4jdnhn 10

06-08-2021 11:02

210806-tjab2bz1f2 10

Analysis

  • max time kernel
    240s
  • max time network
    264s
  • platform
    windows7_x64
  • resource
    win7v20210410
  • submitted
    06-08-2021 11:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2ca64feaaf5ab6cf96677fbc2bc0e1995b3bc93472d7af884139aa757240e3f6.dll

  • Size

    164KB

  • MD5

    6e3efb83299d800edf1624ecbc0665e7

  • SHA1

    0bd22f204c5373f1a22d9a02c59f69f354a2cc0d

  • SHA256

    2ca64feaaf5ab6cf96677fbc2bc0e1995b3bc93472d7af884139aa757240e3f6

  • SHA512

    dd1675bb15eb8ea2933b25413271117823ad7ff38280e7f552b5201e3a5bef8607a2112df2e24f598449ebfdb570ff9458aba0314ed8819dd4d774ea855e9ad2

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\2ca64feaaf5ab6cf96677fbc2bc0e1995b3bc93472d7af884139aa757240e3f6.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1700
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\2ca64feaaf5ab6cf96677fbc2bc0e1995b3bc93472d7af884139aa757240e3f6.dll,#1
      2⤵
        PID:1080

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1080-60-0x0000000000000000-mapping.dmp

      Download

    • memory/1080-61-0x0000000075011000-0x0000000075013000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1080-64-0x0000000003130000-0x000000000325D000-memory.dmp

      Filesize

      1.2MB

      Download

    • memory/1080-65-0x00000000002B0000-0x00000000002CF000-memory.dmp

      Filesize

      124KB

      Download

    • memory/1080-66-0x00000000034B0000-0x00000000035B9000-memory.dmp

      Filesize

      1.0MB

      Download

    • memory/1080-68-0x00000000000C0000-0x00000000000C1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1080-67-0x00000000000B0000-0x00000000000BA000-memory.dmp

      Filesize

      40KB

      Download

    • memory/1080-70-0x0000000000120000-0x0000000000121000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1080-69-0x0000000000110000-0x0000000000111000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1080-71-0x0000000000130000-0x0000000000136000-memory.dmp

      Filesize

      24KB

      Download