90c0857b9095a1a1f51d94fdbf915e33aee78d510ef0e8674d233fc1223149d7 | Triage

Analysis

max time kernel
13s
max time network
25s
platform
windows10-2004_x64
resource
win10v2004-en-20220113
submitted
01-02-2022 09:49

Sharing

Report Analysis Logs

General

Target

90c0857b9095a1a1f51d94fdbf915e33aee78d510ef0e8674d233fc1223149d7.dll
Size

809KB
MD5

eeb55d19351258f514e47c03bc30be67
SHA1

64c076da46b169c13d1e933f5f420856fe2072dc
SHA256

90c0857b9095a1a1f51d94fdbf915e33aee78d510ef0e8674d233fc1223149d7
SHA512

6816c30f0338b14fff22ecc064a3e795136cf93c0afeace84a81fa68ff30996a60ff7fa670ad80ab8270b282e00e9c8eef8e4628feccacb62a0954d44321b996

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3580 wrote to memory of 832	3580	rundll32.exe	82
PID 3580 wrote to memory of 832	3580	rundll32.exe	82
PID 3580 wrote to memory of 832	3580	rundll32.exe	82

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\90c0857b9095a1a1f51d94fdbf915e33aee78d510ef0e8674d233fc1223149d7.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3580
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\90c0857b9095a1a1f51d94fdbf915e33aee78d510ef0e8674d233fc1223149d7.dll,#1
  2⤵
  PID:832

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads