717c6ba0f1c3ddbb2662cbd9cdb36d8156bf35fffd5a2ae60899c467aa51fc98 | Triage

Analysis

max time kernel
120s
max time network
138s
platform
windows10_x64
resource
win10-en-20211208
submitted
28-01-2022 20:18

Sharing

Report Analysis Logs

General

Target

12.dll
Size

10.0MB
MD5

7f78ae69844211d99f7ea7817a42e144
SHA1

2e1da4e8722535502c2d21370bcca8d2aa52c5b5
SHA256

eea2d44c5b5b3f9f743f9053d5cdd66f8d890983e499231a8dfa2712502d9b25
SHA512

eb5d09463f773ecb63db2d11742ae2885665127687a14ba2eee6ba40caeb3c81345e682730a64dd7044e1b1465d5cca904fc2ce6b2ae9afc3b9b931deaa102a3

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3528 wrote to memory of 3600	3528	rundll32.exe	68
PID 3528 wrote to memory of 3600	3528	rundll32.exe	68
PID 3528 wrote to memory of 3600	3528	rundll32.exe	68

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\12.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3528
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\12.dll,#1
  2⤵
  PID:3600

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads