Analysis
-
max time kernel
117s -
max time network
144s -
platform
windows7_x64 -
resource
win7-en-20211208 -
submitted
24-01-2022 01:23
General
-
Target
a733760b6ec283f103e8eeca99a1fc6ff7173f7f5c49912db3293060fb6f9bf1.dll
-
Size
164KB
-
MD5
f8c6aa1221cff707326a236c866f35cd
-
SHA1
17f5791a8744921e9f4f18c6413fded352f126ef
-
SHA256
a733760b6ec283f103e8eeca99a1fc6ff7173f7f5c49912db3293060fb6f9bf1
-
SHA512
dcbc7f416250403b64d9bf16c80b46a3018dfddd74fc2d731eaa5ec1ad4f22644b66ff566443a42abf979c1ab0980fa48118396796ac0e5f1d11eb220694161e
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\a733760b6ec283f103e8eeca99a1fc6ff7173f7f5c49912db3293060fb6f9bf1.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\a733760b6ec283f103e8eeca99a1fc6ff7173f7f5c49912db3293060fb6f9bf1.dll,#12⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1684-54-0x0000000075D61000-0x0000000075D63000-memory.dmpFilesize
8KB
-
memory/1684-56-0x0000000000130000-0x000000000013A000-memory.dmpFilesize
40KB
-
memory/1684-57-0x0000000000140000-0x0000000000141000-memory.dmpFilesize
4KB
-
memory/1684-58-0x0000000000150000-0x0000000000151000-memory.dmpFilesize
4KB
-
memory/1684-59-0x00000000001B0000-0x00000000001B1000-memory.dmpFilesize
4KB
-
memory/1684-60-0x0000000002F30000-0x0000000002FCF000-memory.dmpFilesize
636KB
-
memory/1684-61-0x0000000002FD0000-0x00000000030FD000-memory.dmpFilesize
1.2MB
-
memory/1684-62-0x00000000002A0000-0x00000000002BF000-memory.dmpFilesize
124KB
-
memory/1684-63-0x0000000003410000-0x0000000003519000-memory.dmpFilesize
1.0MB
-
memory/1684-64-0x00000000001C0000-0x00000000001C6000-memory.dmpFilesize
24KB