Analysis
- max time kernel: 167s
- max time network: 179s
- platform: windows10_x64
- resource: win10-en-20211208
- submitted: 24-01-2022 02:00
Static task
- static1

Behavioral task
- behavioral1
- Sample: 5bfb1237443e270d7297a9bb2d4cc44cbc4f3ad0f71db00012a4cc0ae461e6d2.dll
- Resource: win7-en-20211208
- Platform: windows7_x64
- 0 signatures
- 0 seconds

Behavioral task
- behavioral2
- Sample: 5bfb1237443e270d7297a9bb2d4cc44cbc4f3ad0f71db00012a4cc0ae461e6d2.dll
- Resource: win10-en-20211208
- Platform: windows10_x64
- 0 signatures
- 0 seconds
General
- Target: 5bfb1237443e270d7297a9bb2d4cc44cbc4f3ad0f71db00012a4cc0ae461e6d2.dll
- Size: 164KB
- MD5: 8b24ea434d60f99e1ff50810fb8d28da
- SHA1: 259f3974763f09d57129b3881b427fd9d30358d8
- SHA256: 5bfb1237443e270d7297a9bb2d4cc44cbc4f3ad0f71db00012a4cc0ae461e6d2
- SHA512: aed4d982bc7b4513abf5ba237f562cca1332a2997c8826c81a262fddd64de9074f073f88aecd03ae901d58f9e677cdf5c59f61222606fa5e7da20ade96776371
- Score: 1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
  Processes: rundll32.exe
  description | pid | process | target process
  PID 3936 wrote to memory of 652 | 3936 | rundll32.exe | rundll32.exe
  PID 3936 wrote to memory of 652 | 3936 | rundll32.exe | rundll32.exe
  PID 3936 wrote to memory of 652 | 3936 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\5bfb1237443e270d7297a9bb2d4cc44cbc4f3ad0f71db00012a4cc0ae461e6d2.dll,#1
  - Suspicious use of WriteProcessMemory
  - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\5bfb1237443e270d7297a9bb2d4cc44cbc4f3ad0f71db00012a4cc0ae461e6d2.dll,#1