Analysis
max time kernel
2s
max time network
27s
platform
windows10-2004_x64
resource
win10v2004-en-20220113
submitted
05-02-2022 16:01
Static task
static1
Behavioral task
behavioral1
Sample
4f1b67de033cb3d692e494a0104243edb1504185df21e5086dba1d10d941c12a.dll
Resource
win7-en-20211208
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
4f1b67de033cb3d692e494a0104243edb1504185df21e5086dba1d10d941c12a.dll
Resource
win10v2004-en-20220113
windows10-2004_x64
0 signatures
0 seconds
General
Target
4f1b67de033cb3d692e494a0104243edb1504185df21e5086dba1d10d941c12a.dll
Size
877KB
MD5
4773b4f06e91d998f15f56986eca1c04
SHA1
47bd5aa4356028de73fde18268e4891bf7ec5aae
SHA256
4f1b67de033cb3d692e494a0104243edb1504185df21e5086dba1d10d941c12a
SHA512
6709ee7c50729eab38b0ab6fc72948fa66458c277d9109e605824105827db87d9c34e7559c4a9a7c7e2f3908f8c4ac49be587e9210928c99757a600a3b9d3c77
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 2760 wrote to memory of 3212 | 2760 | rundll32.exe | rundll32.exe
PID 2760 wrote to memory of 3212 | 2760 | rundll32.exe | rundll32.exe
PID 2760 wrote to memory of 3212 | 2760 | rundll32.exe | rundll32.exe
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\4f1b67de033cb3d692e494a0104243edb1504185df21e5086dba1d10d941c12a.dll,#11⤵
- Suspicious use of WriteProcessMemory
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\4f1b67de033cb3d692e494a0104243edb1504185df21e5086dba1d10d941c12a.dll,#12⤵