Resubmissions

23/03/2022, 11:41

220323-ntlz3sdbf4 10

23/03/2022, 09:48

220323-lswf1sbhf5 10

Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220310-en
  • submitted
    23/03/2022, 09:48

General

  • Target

    readme.dll

  • Size

    471KB

  • MD5

    fbc2f28e187edcc6ddf89989ff8e591f

  • SHA1

    a322761d2f8eb898810454f545e8646495e98fea

  • SHA256

    77457f0b7da19036041ca3a0071e141909d889eb7e2d28d6ad0df73bc3c81636

  • SHA512

    6d04490602f0239dc823a5640793f5415597a70682d64b1620ae5006a351c70e232cb5c024caf2eff2ef2527d22ed321687dcde94b00877f8ecfc9ba788ae0de

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\readme.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1364
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\readme.dll,#1
      2⤵
        PID:4756

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/4756-135-0x00000000009C0000-0x0000000000A3A000-memory.dmp

            Filesize

            488KB