Analysis
max time kernel
4s
max time network
8s
platform
windows10-2004_x64
resource
win10v2004-en-20220113
submitted
18-01-2022 14:26
Static task
static1
Behavioral task
behavioral1
Sample
stage2.bin.dll
Resource
win7-en-20211208
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
stage2.bin.dll
Resource
win10v2004-en-20220113
windows10-2004_x64
0 signatures
0 seconds
General
Target
stage2.bin.dll
Size
638KB
MD5
47200ffbb26a2c84b32e7d4e4d719e8c
SHA1
aba1a3188755d27187bff4e6d674597a7b4ea63a
SHA256
27f4da05b6a48dcaae5d957a2db822140dfc900066083694bae12925d5b725c8
SHA512
ea3619ad0f590b86a0751e89013f0cf0293f42871f7246e84867435323b3d092875bff28f170cdfdbf5109af1c3ac53000ad44c51d44e2bd735ff2a4cd4bec5d
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 1748 wrote to memory of 3968 | 1748 | rundll32.exe | rundll32.exe
PID 1748 wrote to memory of 3968 | 1748 | rundll32.exe | rundll32.exe
PID 1748 wrote to memory of 3968 | 1748 | rundll32.exe | rundll32.exe