078fc91a424af8bd2c7ba72ed1e1c9087e934d1f43dd1af73ba046b1f7aa3a82

Analysis

max time kernel
0s
platform
windows10_x64
resource
win10-en-20210920
submitted
23-09-2021 03:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

078fc91a424af8bd2c7ba72ed1e1c9087e934d1f43dd1af73ba046b1f7aa3a82.exe.dll
Size

38KB
MD5

430d9d3ac7255158ee1fe64450fcb205
SHA1

3716cf72910d6576e55db3286a19586a2f919de7
SHA256

078fc91a424af8bd2c7ba72ed1e1c9087e934d1f43dd1af73ba046b1f7aa3a82
SHA512

84eda5e4a1b1b6c5633915e9de29aaa70827f33e74b83317e2310bf5a13a79e1170f80736a14147587fd109e5e465b0739b9823af15b4ea3903b38a4c7764350

Score

5^/10

Malware Config

Signatures

Suspicious use of SetThreadContext 64 IoCs

Processes:

rundll32.exe

description	pid	Process
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe
PID 2352 set thread context of 0	2352	rundll32.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

rundll32.exe

pid	Process
2352	rundll32.exe
2352	rundll32.exe

Suspicious behavior: MapViewOfSection 8 IoCs

Processes:

rundll32.exe

pid	Process
2352	rundll32.exe
2352	rundll32.exe
2352	rundll32.exe
2352	rundll32.exe
2352	rundll32.exe
2352	rundll32.exe
2352	rundll32.exe
2352	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\078fc91a424af8bd2c7ba72ed1e1c9087e934d1f43dd1af73ba046b1f7aa3a82.exe.dll,#1
1⤵
- Suspicious use of SetThreadContext
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: MapViewOfSection
PID:2352

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads