Analysis
max time kernel: 8s
max time network: 12s
platform: windows10-2004_x64
resource: win10v2004-en-20220113
submitted: 21-01-2022 01:00
Static task: static1
Behavioral task: behavioral1
Sample: 35c75094eea47858d37e8b0b757875fdfd4cae348819a9fd3bcf82650e88b609.dll
Resource: win7-en-20211208, windows7_x64
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: 35c75094eea47858d37e8b0b757875fdfd4cae348819a9fd3bcf82650e88b609.dll
Resource: win10v2004-en-20220113, windows10-2004_x64
0 signatures
0 seconds
General
Target: 35c75094eea47858d37e8b0b757875fdfd4cae348819a9fd3bcf82650e88b609.dll
Size: 628KB
MD5: 1f30c07b56800bc5e058ee277f43aaa6
SHA1: cab55efefe63f1179127dddc62bd35cedcdf1dd2
SHA256: 35c75094eea47858d37e8b0b757875fdfd4cae348819a9fd3bcf82650e88b609
SHA512: 945f0b0755dc995222fe864164536795c0e5068c14cc2ad78b851e6447378b2cc1695e0e953faeed5b5ebccf6a9a9840c36beb48808d6aae2a8ab90c043b293a
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 3668 wrote to memory of 2168 | 3668 | rundll32.exe | rundll32.exe
PID 3668 wrote to memory of 2168 | 3668 | rundll32.exe | rundll32.exe
PID 3668 wrote to memory of 2168 | 3668 | rundll32.exe | rundll32.exe
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\35c75094eea47858d37e8b0b757875fdfd4cae348819a9fd3bcf82650e88b609.dll,#11
- Suspicious use of WriteProcessMemory
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\35c75094eea47858d37e8b0b757875fdfd4cae348819a9fd3bcf82650e88b609.dll,#12