Analysis

  • max time kernel
    42s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-en-20210920
  • submitted
    20-10-2021 15:32

General

  • Target

    San11 Tc/DrvMgt.dll

  • Size

    45KB

  • MD5

    9b188e6f9fac4b8fb8d536015589df37

  • SHA1

    a5247ec0ec50b8f470c93bf23e3f2514c402d5ad

  • SHA256

    538471b7ebe7db84153d4ece0012167805333152c2bf1f83c08da28945e6d85b

  • SHA512

    a6e2963bd09b0d39f7ca929ae2eba1639e6301a93755bd83f1c853f55c658936585f6171d0376ee4022a84c9be5383f4522cfc8277b51502147d88664c7063dd

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\San11 Tc\DrvMgt.dll",#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1108
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe "C:\Users\Admin\AppData\Local\Temp\San11 Tc\DrvMgt.dll",#1
      2⤵
        PID:1648

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/1648-54-0x0000000000000000-mapping.dmp
    • memory/1648-55-0x0000000075BF1000-0x0000000075BF3000-memory.dmp
      Filesize

      8KB