Overview

overview

10

Static

static

10

a683598387...f2.dll

windows7_x64

1

a683598387...f2.dll

windows10_x64

10

Analysis

  • max time kernel
    118s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    24-01-2022 01:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a683598387e9e27fb515703b28b7d7abff0f38c78b172c148a4cc71339896cf2.dll

  • Size

    164KB

  • MD5

    63b4982a662c0de086d77a627a8765b1

  • SHA1

    fc4fd68c29463a123891158bbad80f581a12473a

  • SHA256

    a683598387e9e27fb515703b28b7d7abff0f38c78b172c148a4cc71339896cf2

  • SHA512

    5b8a953f8aee68f932477d203c9ddb1f8a0c77cc548a8c004ae972ad2886c076088c2f0b808d0b026607a78b573e18781f9a2fb3fc456a4ad477e858853eae92

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\a683598387e9e27fb515703b28b7d7abff0f38c78b172c148a4cc71339896cf2.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1604
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\a683598387e9e27fb515703b28b7d7abff0f38c78b172c148a4cc71339896cf2.dll,#1
      2⤵
        PID:1332

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1332-54-0x0000000075471000-0x0000000075473000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1332-56-0x0000000002F70000-0x000000000300F000-memory.dmp
      Filesize

      636KB

      Download
    • memory/1332-57-0x0000000003010000-0x000000000313D000-memory.dmp
      Filesize

      1.2MB

      Download
    • memory/1332-58-0x0000000000160000-0x000000000016A000-memory.dmp
      Filesize

      40KB

      Download
    • memory/1332-60-0x0000000000230000-0x000000000024F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/1332-61-0x0000000000180000-0x0000000000181000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1332-59-0x0000000000170000-0x0000000000171000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1332-62-0x00000000033F0000-0x00000000034F9000-memory.dmp
      Filesize

      1.0MB

      Download
    • memory/1332-63-0x00000000001A0000-0x00000000001A6000-memory.dmp
      Filesize

      24KB

      Download
    • memory/1332-64-0x0000000000190000-0x0000000000191000-memory.dmp
      Filesize

      4KB

      Download