Analysis

  • max time kernel
    4294182s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20220311-en
  • submitted
    21/03/2022, 12:17

General

  • Target

    1808-57-0x0000000000170000-0x000000000017E000-memory.dll

  • Size

    56KB

  • MD5

    6f72ecaeaf6d8b0a06f0da5ae3754dbe

  • SHA1

    42750e04efcfec1868d5d80287d212e7f2a2abb6

  • SHA256

    15622fff703648c6b515892046f883f4737e55d08e11fec5bbfed084e922ce4c

  • SHA512

    0c9c3c62d630bad4a3245b9e6b30133b6b78f8b0faa3d611ea4ce912d126f380bfbfc0149bdb6d79580acccd12980076165c7b4cc0787816cba2908b8124c3e7

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\1808-57-0x0000000000170000-0x000000000017E000-memory.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1336
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\1808-57-0x0000000000170000-0x000000000017E000-memory.dll,#1
      2⤵
        PID:580

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/580-54-0x0000000075561000-0x0000000075563000-memory.dmp

            Filesize

            8KB