Analysis
-
max time kernel
38s -
max time network
46s -
platform
windows7_x64 -
resource
win7-20220331-en -
submitted
05-04-2022 22:31
Static task
static1
Behavioral task
behavioral1
Sample
726e93a8aa83f8ee6c00ce7c656b33c735f4fff0e120e6f8e90987c5f8d5d1d0.dll
Resource
win7-20220331-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
726e93a8aa83f8ee6c00ce7c656b33c735f4fff0e120e6f8e90987c5f8d5d1d0.dll
Resource
win10v2004-20220331-en
windows10-2004_x64
0 signatures
0 seconds
General
-
Target
726e93a8aa83f8ee6c00ce7c656b33c735f4fff0e120e6f8e90987c5f8d5d1d0.dll
-
Size
13KB
-
MD5
5d951b5f89c57f0c0d86faef17768594
-
SHA1
1f6888ce0c45299d7657c12eac0dda4e7d8456b9
-
SHA256
726e93a8aa83f8ee6c00ce7c656b33c735f4fff0e120e6f8e90987c5f8d5d1d0
-
SHA512
da3c5b6dae39970a7f66f41b376424f77484c7e4df3d756c1795c97122ae05a3715ac8160a2bde9b3191bf296e9d5bad1767ca6ed9f01842d0b2cf1c6037188d
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 1660 wrote to memory of 1692 | 1660 | rundll32.exe | rundll32.exe
PID 1660 wrote to memory of 1692 | 1660 | rundll32.exe | rundll32.exe
PID 1660 wrote to memory of 1692 | 1660 | rundll32.exe | rundll32.exe
PID 1660 wrote to memory of 1692 | 1660 | rundll32.exe | rundll32.exe
PID 1660 wrote to memory of 1692 | 1660 | rundll32.exe | rundll32.exe
PID 1660 wrote to memory of 1692 | 1660 | rundll32.exe | rundll32.exe
PID 1660 wrote to memory of 1692 | 1660 | rundll32.exe | rundll32.exe
Processes
-
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\726e93a8aa83f8ee6c00ce7c656b33c735f4fff0e120e6f8e90987c5f8d5d1d0.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\726e93a8aa83f8ee6c00ce7c656b33c735f4fff0e120e6f8e90987c5f8d5d1d0.dll,#12⤵