Analysis
- max time kernel: 3s
- max time network: 14s
- platform: windows10-2004_x64
- resource: win10v2004-en-20220113
- submitted: 18-01-2022 21:18
Static task
static1
Behavioral task
behavioral1
Sample
bd3511db489e06a09cbe3f91ef7ef8f5ada5e39b0ade781f744896dd46bef213.dll
Resource
win7-en-20211208
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
bd3511db489e06a09cbe3f91ef7ef8f5ada5e39b0ade781f744896dd46bef213.dll
Resource
win10v2004-en-20220113
windows10-2004_x64
0 signatures
0 seconds
General
- Target: bd3511db489e06a09cbe3f91ef7ef8f5ada5e39b0ade781f744896dd46bef213.dll
- Size: 630KB
- MD5: 40c4c9f214b47e21fd9632c4f1d35900
- SHA1: 7c8ac3aa2e4312a7d6323f46cbe6f619fc61124d
- SHA256: bd3511db489e06a09cbe3f91ef7ef8f5ada5e39b0ade781f744896dd46bef213
- SHA512: cb68a118692cd6f8b9875b8d83c600b705438d729550e99c6c3791b017e3e19b08cc66bedcaaa8db58b6af062ef7a7a05da9427906d24d9db685329c5ff369fe
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
  Processes: rundll32.exe
  description | pid | process | target process
  PID 2312 wrote to memory of 3936 | 2312 | rundll32.exe | rundll32.exe
  PID 2312 wrote to memory of 3936 | 2312 | rundll32.exe | rundll32.exe
  PID 2312 wrote to memory of 3936 | 2312 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\bd3511db489e06a09cbe3f91ef7ef8f5ada5e39b0ade781f744896dd46bef213.dll,#11
  - Suspicious use of WriteProcessMemory
  - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\bd3511db489e06a09cbe3f91ef7ef8f5ada5e39b0ade781f744896dd46bef213.dll,#12