Analysis
max time kernel
3s
max time network
6s
platform
windows10-2004_x64
resource
win10v2004-en-20220113
submitted
31-01-2022 15:54
Static task
static1
Behavioral task
behavioral1
Sample
if.dll
Resource
win7-en-20211208
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
if.dll
Resource
win10v2004-en-20220113
windows10-2004_x64
0 signatures
0 seconds
General
Target
if.dll
Size
1.5MB
MD5
deef80792ae5c52d3553453d124c0457
SHA1
b809c0a54e70d8d2377fc37a17d952ec98698670
SHA256
ebe7a2c72e2e89732d435a7d491c9cd85f125b1584bb807f921b03dff9d16b94
SHA512
61ecdee50c84792b88f8f1f65679d6141ee4b314d13bfb037c4a6af373d85ab8af6b389c813e5f158529f54321841d9540fdece77da283e876ff43202325bdfa
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 3156 wrote to memory of 3932 | 3156 | rundll32.exe | rundll32.exe
PID 3156 wrote to memory of 3932 | 3156 | rundll32.exe | rundll32.exe
PID 3156 wrote to memory of 3932 | 3156 | rundll32.exe | rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/3932-130-0x0000000002290000-0x0000000002414000-memory.dmp
Filesize
1.5MB