Analysis
- max time kernel: 12s
- max time network: 18s
- platform: windows10-2004_x64
- resource: win10v2004-en-20220113
- submitted: 19-01-2022 15:54
Static task
static1
Behavioral task
behavioral1
Sample
24f1a3db1a108d35950cb15bd93dd13c4455f13b.dll
Resource
win7-en-20211208
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
24f1a3db1a108d35950cb15bd93dd13c4455f13b.dll
Resource
win10v2004-en-20220113
windows10-2004_x64
0 signatures
0 seconds
General
- Target: 24f1a3db1a108d35950cb15bd93dd13c4455f13b.dll
- Size: 644KB
- MD5: 259bda03244a5c9077b39d0632ba829e
- SHA1: 24f1a3db1a108d35950cb15bd93dd13c4455f13b
- SHA256: b83f24c6503b8ca75beea28f0992d819ff195463c8629bb5c69b82e6c03aa4c3
- SHA512: f1053c863125f918accd1e2fb5211773313defc6a2dec607eca4041e73f7307058193e6291fc7c2c66125ebc3ee61e451e217148f463b7bfdcebcd3125cc05a7
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 1324 wrote to memory of 1400 | 1324 | rundll32.exe | rundll32.exe
PID 1324 wrote to memory of 1400 | 1324 | rundll32.exe | rundll32.exe
PID 1324 wrote to memory of 1400 | 1324 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\24f1a3db1a108d35950cb15bd93dd13c4455f13b.dll,#1
  - Suspicious use of WriteProcessMemory
  - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\24f1a3db1a108d35950cb15bd93dd13c4455f13b.dll,#1