Analysis
- max time kernel: 2s
- max time network: 1s
- platform: windows10-2004_x64
- resource: win10v2004-en-20220113
- submitted: 19-01-2022 14:19
Static task
static1
Behavioral task
behavioral1
Sample
9f07b4d361df4a1b71c08e3686c45af62069c776d652f8d055bd05c9eebd82f6.dll
Resource
win7-en-20211208
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
9f07b4d361df4a1b71c08e3686c45af62069c776d652f8d055bd05c9eebd82f6.dll
Resource
win10v2004-en-20220113
windows10-2004_x64
0 signatures
0 seconds
General
- Target: 9f07b4d361df4a1b71c08e3686c45af62069c776d652f8d055bd05c9eebd82f6.dll
- Size: 628KB
- MD5: 1a12c2f532fc10f7ccbfac3cc235d194
- SHA1: 0fbd241ef0b044059b18d2a898fd0b86ebc3e783
- SHA256: 9f07b4d361df4a1b71c08e3686c45af62069c776d652f8d055bd05c9eebd82f6
- SHA512: b87bc4d7737cae8dbd6295855f8e8e71ce1cf0a085231cbce984a324ce21c20adbd7f99a6feb137ddf3d955b0d3f8d4d7e153d428d5705e941b3f3a1b904dd78
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 2992 wrote to memory of 3180 | 2992 | rundll32.exe | rundll32.exe
PID 2992 wrote to memory of 3180 | 2992 | rundll32.exe | rundll32.exe
PID 2992 wrote to memory of 3180 | 2992 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\9f07b4d361df4a1b71c08e3686c45af62069c776d652f8d055bd05c9eebd82f6.dll,#11⤵
  - Suspicious use of WriteProcessMemory
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\9f07b4d361df4a1b71c08e3686c45af62069c776d652f8d055bd05c9eebd82f6.dll,#12⤵