Analysis
- max time kernel: 3s
- max time network: 5s
- platform: windows10-2004_x64
- resource: win10v2004-en-20220113
- submitted: 19-01-2022 05:00
Static task
static1
Behavioral task
behavioral1
Sample
3be6efe16808b17ceab22c919d78732ccd63b012a00aacb354f8ebfc1408c311.dll
Resource
win7-en-20211208
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
3be6efe16808b17ceab22c919d78732ccd63b012a00aacb354f8ebfc1408c311.dll
Resource
win10v2004-en-20220113
windows10-2004_x64
0 signatures
0 seconds
General
- Target: 3be6efe16808b17ceab22c919d78732ccd63b012a00aacb354f8ebfc1408c311.dll
- Size: 628KB
- MD5: bb2dba09511b56a9e2b3ef9aa9ac7674
- SHA1: 020ef1abbffac027c7d187a5dd48c43affcf7e90
- SHA256: 3be6efe16808b17ceab22c919d78732ccd63b012a00aacb354f8ebfc1408c311
- SHA512: 240cce0518a5560553f808dcf0844045b34e25e164be3478d11f8650516ac18e06c1fd819aa310d3e8d7c504816d569e7742fb6473eaefd7d6596bbfb3c17f8a
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
  Processes: rundll32.exe
  description | pid | process | target process
  PID 1568 wrote to memory of 2184 | 1568 | rundll32.exe | rundll32.exe
  PID 1568 wrote to memory of 2184 | 1568 | rundll32.exe | rundll32.exe
  PID 1568 wrote to memory of 2184 | 1568 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\3be6efe16808b17ceab22c919d78732ccd63b012a00aacb354f8ebfc1408c311.dll,#11
  - Suspicious use of WriteProcessMemory
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\3be6efe16808b17ceab22c919d78732ccd63b012a00aacb354f8ebfc1408c311.dll,#12