Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    13-02-2022 22:36

General

  • Target

    046235b59fbc6d2c4ec3db0ae6ea10cb53d743c678ca9dca8b2a9d30c7fbb393.dll

  • Size

    163KB

  • MD5

    a1cc9b5d85c55d1679cee3a11500fc15

  • SHA1

    dcb776035a4f6140d86a8acbac48683035cec701

  • SHA256

    046235b59fbc6d2c4ec3db0ae6ea10cb53d743c678ca9dca8b2a9d30c7fbb393

  • SHA512

    12220589d5e0f14c07fed9fdb1e5dd24cd518decc7719faa2b95de664be324204ddf4a3dafaf9d49c4932192c27bff501d02a4a1c65c427eae9d414b203a668a

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\046235b59fbc6d2c4ec3db0ae6ea10cb53d743c678ca9dca8b2a9d30c7fbb393.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1540
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\046235b59fbc6d2c4ec3db0ae6ea10cb53d743c678ca9dca8b2a9d30c7fbb393.dll,#1
      2⤵
        PID:2032

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2032-54-0x0000000076731000-0x0000000076733000-memory.dmp

      Filesize

      8KB

    • memory/2032-56-0x00000000000CC000-0x00000000000D7000-memory.dmp

      Filesize

      44KB