Overview

overview

10

Static

static

10

95f7c2f8be...28.dll

windows7_x64

1

95f7c2f8be...28.dll

windows10_x64

10

Analysis

  • max time kernel
    120s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    24-01-2022 01:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    95f7c2f8bea207767f8d90c3b53dc24a9fc8c0025f7bcd113adde90d2f8cfa28.dll

  • Size

    164KB

  • MD5

    117dc83b400a889887c4e959f76ba1f7

  • SHA1

    230743fc8e88c547d27de91192e9892cd8708c9f

  • SHA256

    95f7c2f8bea207767f8d90c3b53dc24a9fc8c0025f7bcd113adde90d2f8cfa28

  • SHA512

    9f17f3b8f53a2e4a2267d15900117b7674450c389ff53e1fa18b73b723703f5d5f6e5b61201f5b1b594c101607f92c4a2c80557684e4f16112286ff617b96fa6

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\95f7c2f8bea207767f8d90c3b53dc24a9fc8c0025f7bcd113adde90d2f8cfa28.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1220
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\95f7c2f8bea207767f8d90c3b53dc24a9fc8c0025f7bcd113adde90d2f8cfa28.dll,#1
      2⤵
        PID:1412

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1412-54-0x0000000076071000-0x0000000076073000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1412-56-0x0000000000120000-0x000000000012A000-memory.dmp
      Filesize

      40KB

      Download
    • memory/1412-57-0x0000000000130000-0x0000000000131000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1412-58-0x0000000000150000-0x0000000000151000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1412-59-0x0000000000160000-0x0000000000161000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1412-60-0x0000000002CC0000-0x0000000002D5F000-memory.dmp
      Filesize

      636KB

      Download
    • memory/1412-62-0x0000000002D60000-0x0000000002E8D000-memory.dmp
      Filesize

      1.2MB

      Download
    • memory/1412-63-0x0000000000240000-0x000000000025F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/1412-65-0x00000000001B0000-0x00000000001B6000-memory.dmp
      Filesize

      24KB

      Download
    • memory/1412-64-0x00000000033F0000-0x00000000034F9000-memory.dmp
      Filesize

      1.0MB

      Download