Overview

overview

10

Static

static

10

8a43b042a9...74.dll

windows7_x64

1

8a43b042a9...74.dll

windows10_x64

10

Analysis

  • max time kernel
    122s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    24-01-2022 01:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8a43b042a95595a00bb4ddef4cddc3a164b38ef0dbd3818f896aa42657c08374.dll

  • Size

    164KB

  • MD5

    53b5ee7a1b766ee06a8227bb0808f140

  • SHA1

    8de198317b0fc937cf0f3b679ca12b0994d05583

  • SHA256

    8a43b042a95595a00bb4ddef4cddc3a164b38ef0dbd3818f896aa42657c08374

  • SHA512

    a497a71ac75e77646a414b04a07a60a1a57bf956a481c479980c9a6b0f9779af8f0347e8cf6870c381580fd2c72d408bbb963712f1b7c31e2f920de4b131e0c9

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\8a43b042a95595a00bb4ddef4cddc3a164b38ef0dbd3818f896aa42657c08374.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1668
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\8a43b042a95595a00bb4ddef4cddc3a164b38ef0dbd3818f896aa42657c08374.dll,#1
      2⤵
        PID:1620

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1620-55-0x0000000075DF1000-0x0000000075DF3000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1620-57-0x0000000000170000-0x000000000017A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/1620-58-0x0000000000180000-0x0000000000181000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1620-59-0x0000000000190000-0x0000000000191000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1620-60-0x0000000000350000-0x0000000000351000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1620-61-0x0000000002C70000-0x0000000002D0F000-memory.dmp

      Filesize

      636KB

      Download

    • memory/1620-62-0x0000000002D10000-0x0000000002E3D000-memory.dmp

      Filesize

      1.2MB

      Download

    • memory/1620-63-0x0000000000780000-0x000000000079F000-memory.dmp

      Filesize

      124KB

      Download

    • memory/1620-64-0x0000000003020000-0x0000000003129000-memory.dmp

      Filesize

      1.0MB

      Download

    • memory/1620-65-0x0000000000360000-0x0000000000366000-memory.dmp

      Filesize

      24KB

      Download