57c7f0bc7a487df329eb3e8b19debde9ce1821e250123227cdc2dfbdd8b1b766 | Triage

Analysis

max time kernel
13s
max time network
26s
platform
windows10-2004_x64
resource
win10v2004-en-20220113
submitted
01/02/2022, 10:20

Sharing

Report Analysis Logs

General

Target

57c7f0bc7a487df329eb3e8b19debde9ce1821e250123227cdc2dfbdd8b1b766.dll
Size

250KB
MD5

5970ecc1e667dbfac22baece0305655e
SHA1

5e0dbef986f2456081aa27b8f06430abfa3ab102
SHA256

57c7f0bc7a487df329eb3e8b19debde9ce1821e250123227cdc2dfbdd8b1b766
SHA512

fb99473005cc9fa442cea28ba46b5befd0fea8d09f1a527303e8a02036de7d535bc1cf70505c0d8223e2bbcc6e65ef9d0c54ce0161f864c5e1840f928762365d

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4412 wrote to memory of 1052	4412	rundll32.exe	82
PID 4412 wrote to memory of 1052	4412	rundll32.exe	82
PID 4412 wrote to memory of 1052	4412	rundll32.exe	82

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\57c7f0bc7a487df329eb3e8b19debde9ce1821e250123227cdc2dfbdd8b1b766.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4412
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\57c7f0bc7a487df329eb3e8b19debde9ce1821e250123227cdc2dfbdd8b1b766.dll,#1
  2⤵
  PID:1052

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads