Analysis
- max time kernel: 10s
- max time network: 15s
- platform: windows10-2004_x64
- resource: win10v2004-en-20220113
- submitted: 18-01-2022 22:49
Static task
static1
Behavioral task
behavioral1
Sample
03339ad3c87e35a6a0e59ace83ca82f0d37af9a858f3b25dab14b7ae8053835a.dll
Resource
win7-en-20211208
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
03339ad3c87e35a6a0e59ace83ca82f0d37af9a858f3b25dab14b7ae8053835a.dll
Resource
win10v2004-en-20220113
windows10-2004_x64
0 signatures
0 seconds
General
- Target: 03339ad3c87e35a6a0e59ace83ca82f0d37af9a858f3b25dab14b7ae8053835a.dll
- Size: 633KB
- MD5: 5a26d9ae9c7e910b86efcd6979f7ded6
- SHA1: f346145ac18ff4b2328db6ded32daa2cf070225a
- SHA256: 03339ad3c87e35a6a0e59ace83ca82f0d37af9a858f3b25dab14b7ae8053835a
- SHA512: de48a226caa8d46bd9f8fc957c84d72a8a5fcabfba64695d93c58fdd184844b50716b61df70bf3225ca99a15a2195de210af2e2f59fd74f7f1d78cbe65b3e265
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
  Processes: rundll32.exe
  description | pid | process | target process
  PID 3692 wrote to memory of 3668 | 3692 | rundll32.exe | rundll32.exe
  PID 3692 wrote to memory of 3668 | 3692 | rundll32.exe | rundll32.exe
  PID 3692 wrote to memory of 3668 | 3692 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\03339ad3c87e35a6a0e59ace83ca82f0d37af9a858f3b25dab14b7ae8053835a.dll,#11
  - Suspicious use of WriteProcessMemory
  - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\03339ad3c87e35a6a0e59ace83ca82f0d37af9a858f3b25dab14b7ae8053835a.dll,#12