d538dfafbdf6ac115c24dbdd68c65dbef6460808dd2c4f3fc01d5e15bfc2f902 | Triage

Resubmissions

08-12-2023 10:30

231208-mj7y5aaf75 10

13-03-2022 04:08

220313-eqel6aeddm 1

Analysis

max time kernel
4s
max time network
11s
platform
windows10-2004_x64
resource
win10v2004-20220310-en
submitted
13-03-2022 04:08

Sharing

Report Analysis Logs

General

Target

zloader.dll
Size

472KB
MD5

dea7ef874f21922114e030ab165635e4
SHA1

478431cb35563783340cbfd69f5eef74a808f5bf
SHA256

d538dfafbdf6ac115c24dbdd68c65dbef6460808dd2c4f3fc01d5e15bfc2f902
SHA512

eab49f24a3b6772dcf753bd31119eb1c3d863c15dfce577fcd52c2688d18364d6708e40f53d76bf59747f592ada8b71be24f4bb52fb69ebbc07927fe0bee60fe

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4764 wrote to memory of 4468	4764	rundll32.exe	81
PID 4764 wrote to memory of 4468	4764	rundll32.exe	81
PID 4764 wrote to memory of 4468	4764	rundll32.exe	81

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\zloader.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4764
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\zloader.dll,#1
  2⤵
  PID:4468

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads