Analysis
-
max time kernel
118s -
max time network
138s -
platform
windows7_x64 -
resource
win7-en-20211208 -
submitted
24-01-2022 01:17
General
-
Target
b2bc8b74846b6caa644107fe50a7a7ae7d44fc6a2e154064d742ec3daf81cfbc.dll
-
Size
164KB
-
MD5
1929607abe0a6247be80b1ad7f272890
-
SHA1
39de4e83c82237c92d1cceaddf010362642141ed
-
SHA256
b2bc8b74846b6caa644107fe50a7a7ae7d44fc6a2e154064d742ec3daf81cfbc
-
SHA512
c77660e1d51f644635197f6afa9e57fdfaedaf7d24550816ad105fdf737d87dfab9935ec092c2e3af115127e0c05a35900f8be83e051a9fe71d2fb4b0560e0e1
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\b2bc8b74846b6caa644107fe50a7a7ae7d44fc6a2e154064d742ec3daf81cfbc.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\b2bc8b74846b6caa644107fe50a7a7ae7d44fc6a2e154064d742ec3daf81cfbc.dll,#12⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1652-55-0x0000000074B21000-0x0000000074B23000-memory.dmpFilesize
8KB
-
memory/1652-57-0x0000000000120000-0x000000000012A000-memory.dmpFilesize
40KB
-
memory/1652-58-0x0000000000130000-0x0000000000131000-memory.dmpFilesize
4KB
-
memory/1652-59-0x0000000000140000-0x0000000000141000-memory.dmpFilesize
4KB
-
memory/1652-60-0x0000000000150000-0x0000000000151000-memory.dmpFilesize
4KB
-
memory/1652-62-0x00000000030E0000-0x000000000320D000-memory.dmpFilesize
1.2MB
-
memory/1652-63-0x0000000000250000-0x000000000026F000-memory.dmpFilesize
124KB
-
memory/1652-65-0x0000000000160000-0x0000000000166000-memory.dmpFilesize
24KB
-
memory/1652-64-0x00000000034C0000-0x00000000035C9000-memory.dmpFilesize
1.0MB