9b6681103545432cd1373492297a6a12528f327d14a7416c2b71cfdcbdafc90b | Triage

Analysis

max time kernel
434s
max time network
517s
platform
windows10_x64
resource
win10-en
submitted
06/09/2021, 17:16

Sharing

Report Analysis Logs

General

Target

Notnice.jpg.dll
Size

258KB
MD5

d4b946b51dc21709f87a1a943ad7cbe3
SHA1

8c2a1c67493eff3990ab30862e094c34e6821eea
SHA256

9b6681103545432cd1373492297a6a12528f327d14a7416c2b71cfdcbdafc90b
SHA512

5416e92ce738dfc12db13cd03ea5c3317c528f947f51bb5a7873e72b4fdcc45109e7cb395aa09621458b93e95ae0436ca2da3076dd44b60207cf8d512336e4f3

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
5044	rundll32.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4692 wrote to memory of 5044	4692	rundll32.exe	72
PID 4692 wrote to memory of 5044	4692	rundll32.exe	72
PID 4692 wrote to memory of 5044	4692	rundll32.exe	72

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Notnice.jpg.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4692
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\Notnice.jpg.dll,#1
  2⤵
  - Suspicious use of SetWindowsHookEx
  PID:5044

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads