87a666af5422e0f30dc1ab9d137bc678b76a2a5610c34437f040419d494aef85 | Triage

Analysis

max time kernel
57s
max time network
184s
platform
windows10_x64
resource
win10-20220331-en
submitted
01-04-2022 18:43

Sharing

Report Analysis Logs

General

Target

beacon.dll
Size

203KB
MD5

c7a4ff6b89e267e81f68647c5f941895
SHA1

ef949d895259c2d541ed7001d66c1151808bd46f
SHA256

87a666af5422e0f30dc1ab9d137bc678b76a2a5610c34437f040419d494aef85
SHA512

83c4db0741dc2caf46e5fb13dcb0c6073affd395d7826769dcdc769dfd65452f93ab98a2ddffe65de06a0a365804bf1a23119d87a5161f882f737a99b4a174a8

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 1700 wrote to memory of 2172	1700	rundll32.exe	rundll32.exe
PID 1700 wrote to memory of 2172	1700	rundll32.exe	rundll32.exe
PID 1700 wrote to memory of 2172	1700	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\beacon.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1700

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\beacon.dll,#1
2⤵
PID:2172

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2172-116-0x0000000000000000-mapping.dmp

Download