743b2aaedb3404e74de225ecf91ed0434fe4ee7279aa8bb6cb576316da1f3ef3 | Triage

Analysis

max time kernel
344s
max time network
524s
platform
windows10_x64
resource
win10-en
submitted
07-09-2021 17:15

Sharing

Report Analysis Logs

General

Target

FSOC/ssleay32.dll
Size

337KB
MD5

197da919e4c91125656bf905877c9b5a
SHA1

9574ec3e87bb0f7acce72d4d59d176296741aa83
SHA256

303c78aba3b776472c245f17020f9aa5a53f09a6f6c1e4f34b8e18e33906b5ee
SHA512

33c1b853181f83cab2f57f47fb7e093badf83963613e7328ebd23f0d62f59416d7a93063c6237435fbb6833a69bc44ebbc13aa585da010f491c680b2ea335c47

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3388 wrote to memory of 2648	3388	rundll32.exe	72
PID 3388 wrote to memory of 2648	3388	rundll32.exe	72
PID 3388 wrote to memory of 2648	3388	rundll32.exe	72

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\FSOC\ssleay32.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3388
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\FSOC\ssleay32.dll,#1
  2⤵
  PID:2648

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads