Analysis
-
max time kernel
127s -
max time network
173s -
platform
windows10-2004_x64 -
resource
win10v2004-20220310-en -
submitted
15-03-2022 10:41
Static task
static1
Behavioral task
behavioral1
Sample
010770a88992f673ff6bfaefac10e94c388b80a650830a1ae72f3dfb0df20267.dll
Resource
win7-20220310-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
010770a88992f673ff6bfaefac10e94c388b80a650830a1ae72f3dfb0df20267.dll
Resource
win10v2004-20220310-en
windows10-2004_x64
0 signatures
0 seconds
General
-
Target
010770a88992f673ff6bfaefac10e94c388b80a650830a1ae72f3dfb0df20267.dll
-
Size
276KB
-
MD5
344ef76867f8654c37cc02320c49b0e1
-
SHA1
c6be88bb71386a4b56070d2c59fbb780a790dfa1
-
SHA256
010770a88992f673ff6bfaefac10e94c388b80a650830a1ae72f3dfb0df20267
-
SHA512
6fd18cae67ae56fa4ae7d42cbec0ee2c81ebe7ca584a41e1446592b4088b72f3cf2c208ae7569e5af0ee86e4b1edd90e5d50d7a2aaacf8033240e461944ec4f6
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exedescription pid process target process PID 4556 wrote to memory of 3216 4556 rundll32.exe rundll32.exe PID 4556 wrote to memory of 3216 4556 rundll32.exe rundll32.exe PID 4556 wrote to memory of 3216 4556 rundll32.exe rundll32.exe
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\010770a88992f673ff6bfaefac10e94c388b80a650830a1ae72f3dfb0df20267.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\010770a88992f673ff6bfaefac10e94c388b80a650830a1ae72f3dfb0df20267.dll,#12⤵