Analysis
-
max time kernel
119s -
max time network
142s -
platform
windows10_x64 -
resource
win10-en-20211208 -
submitted
24-01-2022 00:54
Static task
static1
Behavioral task
behavioral1
Sample
db1320b53ae8e0de5a262ec93742a8f8ef65dd57955b724b39d691e0538de465.dll
Resource
win7-en-20211208
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
db1320b53ae8e0de5a262ec93742a8f8ef65dd57955b724b39d691e0538de465.dll
Resource
win10-en-20211208
windows10_x64
0 signatures
0 seconds
General
-
Target
db1320b53ae8e0de5a262ec93742a8f8ef65dd57955b724b39d691e0538de465.dll
-
Size
164KB
-
MD5
334d1fb660cca4c7175dc3ad17358052
-
SHA1
c986d2ff01dd321b32076c75b8f492931e31e7c1
-
SHA256
db1320b53ae8e0de5a262ec93742a8f8ef65dd57955b724b39d691e0538de465
-
SHA512
8da4357907af0e07d3f560aeaf6959f4e12e63d52bd133d1b872a193368876685d1d18ee7c626358ec55cd60d9122a23d444051bb79f07eb3a0e1321193ea4a8
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exedescription pid process target process PID 2544 wrote to memory of 2612 2544 rundll32.exe rundll32.exe PID 2544 wrote to memory of 2612 2544 rundll32.exe rundll32.exe PID 2544 wrote to memory of 2612 2544 rundll32.exe rundll32.exe
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\db1320b53ae8e0de5a262ec93742a8f8ef65dd57955b724b39d691e0538de465.dll,#11⤵
- Suspicious use of WriteProcessMemory
PID:2544 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\db1320b53ae8e0de5a262ec93742a8f8ef65dd57955b724b39d691e0538de465.dll,#12⤵PID:2612