Analysis
max time kernel: 74s
max time network: 31s
platform: windows7_x64
resource: win7-en-20210916
submitted: 19-09-2021 01:24
Behavioral task: behavioral1
Sample: 4b20000.dll
Resource: win7-en-20210916, windows7_x64
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: 4b20000.dll
Resource: win10v20210408, windows10_x64
0 signatures
0 seconds
General
Target: 4b20000.dll
Size: 42KB
MD5: 0a8475321957e6afe4762f84717db4df
SHA1: 68fe53e05f442196f7895098f96b633000d64e5a
SHA256: a7851fc690ef45d45b1d74148d2c775168b55353c778897b7d0388fb140dd59a
SHA512: b0e5599131566fe802a0a036bf8b84b7a364c15c21f2a774760aa6a1f72a8174291bf60a29a73164ef22d02737ecf68c2a9a72e7af58cf1c845ded59d9f25016
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
Processes:
rundll32.exe
description | pid | process | target process
PID 968 wrote to memory of 520 | 968 | rundll32.exe | rundll32.exe
PID 968 wrote to memory of 520 | 968 | rundll32.exe | rundll32.exe
PID 968 wrote to memory of 520 | 968 | rundll32.exe | rundll32.exe
PID 968 wrote to memory of 520 | 968 | rundll32.exe | rundll32.exe
PID 968 wrote to memory of 520 | 968 | rundll32.exe | rundll32.exe
PID 968 wrote to memory of 520 | 968 | rundll32.exe | rundll32.exe
PID 968 wrote to memory of 520 | 968 | rundll32.exe | rundll32.exe