Analysis
max time kernel
133s
max time network
136s
platform
windows10-2004_x64
resource
win10v2004-en-20220113
submitted
08-04-2022 16:00
Static task
static1
Behavioral task
behavioral1
Sample
7fa3abc229fd3cb9a0a6f07d9da15e35528c630d0ad5902d5422b305cae7eaa4.dll
Resource
win7-20220331-en
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
7fa3abc229fd3cb9a0a6f07d9da15e35528c630d0ad5902d5422b305cae7eaa4.dll
Resource
win10v2004-en-20220113
0 signatures
0 seconds
General
Target
7fa3abc229fd3cb9a0a6f07d9da15e35528c630d0ad5902d5422b305cae7eaa4.dll
Size
1.7MB
MD5
75730ffc39fa5b5936a1b4b0d36522bb
SHA1
fc91a976e6948f37e71645f4c0d112e16d8e013f
SHA256
7fa3abc229fd3cb9a0a6f07d9da15e35528c630d0ad5902d5422b305cae7eaa4
SHA512
cd5568265ce27d1c7b9825636fd3089e68e0702b399983910d37bebe4b0c76eccfd4faed9a00f0dd8190f0cdc5af94b2068cf679139bffa7b17c39d7124dd860
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 1164 wrote to memory of 1436 | 1164 | rundll32.exe | rundll32.exe
PID 1164 wrote to memory of 1436 | 1164 | rundll32.exe | rundll32.exe
PID 1164 wrote to memory of 1436 | 1164 | rundll32.exe | rundll32.exe
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\7fa3abc229fd3cb9a0a6f07d9da15e35528c630d0ad5902d5422b305cae7eaa4.dll,#11
- Suspicious use of WriteProcessMemory
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\7fa3abc229fd3cb9a0a6f07d9da15e35528c630d0ad5902d5422b305cae7eaa4.dll,#12