Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-en-20211208 -
submitted
24-01-2022 00:49
General
-
Target
e3bb6566d7843fb3adb553dbb6f7c7d38bc94eeb72000c0a516397842123c7f2.dll
-
Size
166KB
-
MD5
d846ff7ad571d6f9b9313951f03d89d6
-
SHA1
8869b1b3c65ad6384dd1e52420c6482e8e3daf6f
-
SHA256
e3bb6566d7843fb3adb553dbb6f7c7d38bc94eeb72000c0a516397842123c7f2
-
SHA512
1149de23460ab43abbad09f42bd1b9c7574e2acd9a8a71ef10b3aa8c8f2a9e953194cc6cf1983812effafa25401c3e0dd42582cf08b363e8b3a8628cc1ac41eb
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\e3bb6566d7843fb3adb553dbb6f7c7d38bc94eeb72000c0a516397842123c7f2.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\e3bb6566d7843fb3adb553dbb6f7c7d38bc94eeb72000c0a516397842123c7f2.dll,#12⤵
- Suspicious behavior: EnumeratesProcesses
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1580-55-0x0000000074F11000-0x0000000074F13000-memory.dmpFilesize
8KB
-
memory/1580-59-0x00000000000F0000-0x00000000000FA000-memory.dmpFilesize
40KB
-
memory/1580-58-0x0000000002CA0000-0x0000000002D3F000-memory.dmpFilesize
636KB
-
memory/1580-60-0x0000000000100000-0x0000000000101000-memory.dmpFilesize
4KB
-
memory/1580-62-0x0000000000110000-0x0000000000111000-memory.dmpFilesize
4KB
-
memory/1580-63-0x00000000001E0000-0x00000000001E1000-memory.dmpFilesize
4KB
-
memory/1580-61-0x0000000002D40000-0x0000000002E6D000-memory.dmpFilesize
1.2MB
-
memory/1580-64-0x0000000000270000-0x000000000028F000-memory.dmpFilesize
124KB
-
memory/1580-65-0x00000000031A0000-0x00000000032A9000-memory.dmpFilesize
1.0MB
-
memory/1580-66-0x0000000000240000-0x0000000000246000-memory.dmpFilesize
24KB