Analysis
-
max time kernel
151s -
max time network
138s -
platform
windows7_x64 -
resource
win7-fr -
submitted
15-09-2021 07:57
General
-
Target
182c90f0b28.dll
-
Size
185KB
-
MD5
f70e95686aa5e6e725cf446f04b4200c
-
SHA1
5f277c91ca2f6c89e467ade2e56107aeafe862ff
-
SHA256
0a8f78fd1b6fba7b0dc173b8ec2d398ace641bad5f067dd19bbd817d60407843
-
SHA512
fddb7d047506887e26f863b524f2295dff8f21436043c6998e4346ccbed893e506752c50990c1aa5b3ea970f849af7ab09631ee2d62c72e99d756ccfa2c8f079
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of FindShellTrayWindow 64 IoCs
-
Suspicious use of SendNotifyMessage 64 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\182c90f0b28.dll,#11⤵
-
C:\Windows\system32\taskmgr.exe"C:\Windows\system32\taskmgr.exe" /41⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1380-57-0x000007FEFC3A1000-0x000007FEFC3A3000-memory.dmpFilesize
8KB
-
memory/1960-53-0x0000000180000000-0x000000018001C000-memory.dmpFilesize
112KB