Analysis
- max time kernel: 96s
- max time network: 98s
- platform: windows10_x64
- resource: win10v20210408
- submitted: 19-09-2021 01:24
Behavioral task
behavioral1
Sample
4b20000.dll
Resource
win7-en-20210916
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
4b20000.dll
Resource
win10v20210408
windows10_x64
0 signatures
0 seconds
General
- Target: 4b20000.dll
- Size: 42KB
- MD5: 0a8475321957e6afe4762f84717db4df
- SHA1: 68fe53e05f442196f7895098f96b633000d64e5a
- SHA256: a7851fc690ef45d45b1d74148d2c775168b55353c778897b7d0388fb140dd59a
- SHA512: b0e5599131566fe802a0a036bf8b84b7a364c15c21f2a774760aa6a1f72a8174291bf60a29a73164ef22d02737ecf68c2a9a72e7af58cf1c845ded59d9f25016
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 808 wrote to memory of 916 | 808 | rundll32.exe | rundll32.exe
PID 808 wrote to memory of 916 | 808 | rundll32.exe | rundll32.exe
PID 808 wrote to memory of 916 | 808 | rundll32.exe | rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
- memory/916-114-0x0000000000000000-mapping.dmp