Analysis
max time kernel: 142s
max time network: 159s
platform: windows10_x64
resource: win10-en-20211208
submitted: 24-01-2022 03:23
Static task
static1
Behavioral task
behavioral1
Sample
cbca9a92a6aa067ff4cab8f1d34ec49ffc9a06c90881f48da369c973182ce06d.dll
Resource
win7-en-20211208
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
cbca9a92a6aa067ff4cab8f1d34ec49ffc9a06c90881f48da369c973182ce06d.dll
Resource
win10-en-20211208
windows10_x64
0 signatures
0 seconds
General
Target: cbca9a92a6aa067ff4cab8f1d34ec49ffc9a06c90881f48da369c973182ce06d.dll
Size: 207KB
MD5: 721254f41286717aa1cd9d7d652a9fa1
SHA1: b48e7a639d2e51e2ae2efdebb0723fe1f8dd84e6
SHA256: cbca9a92a6aa067ff4cab8f1d34ec49ffc9a06c90881f48da369c973182ce06d
SHA512: 5aae8ff3790085e98ec5c20719f15b70b8e225c105ae0f284c0a3d89d6fbb4c93153c8286523ddc0dad371d6a1bc4544718017919a87af456f7376ed129337cb
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 3620 wrote to memory of 3644 | 3620 | rundll32.exe | rundll32.exe
PID 3620 wrote to memory of 3644 | 3620 | rundll32.exe | rundll32.exe
PID 3620 wrote to memory of 3644 | 3620 | rundll32.exe | rundll32.exe
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbca9a92a6aa067ff4cab8f1d34ec49ffc9a06c90881f48da369c973182ce06d.dll,#11⤵
- Suspicious use of WriteProcessMemory
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbca9a92a6aa067ff4cab8f1d34ec49ffc9a06c90881f48da369c973182ce06d.dll,#12⤵