Analysis
max time kernel
145s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20220331-en
submitted
12-04-2022 12:45
Behavioral task
behavioral1
Sample
44.dll
Resource
win7-20220331-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
44.dll
Resource
win10v2004-20220331-en
windows10-2004_x64
0 signatures
0 seconds
General
Target
44.dll
Size
1.3MB
MD5
448e479874a145608483ddeba7d1d06d
SHA1
8cfc0ad5458037c393cdba199d243b0f16c8c7bd
SHA256
c486771dcbb6548bbec5bfaf8de3bc0b8e3d8ddf6aa2cd5a0bd0bd4c638839c5
SHA512
0631ccdded071dfe011a3b41af55ecd5853edbe171baed4ced28c497753bb69173a37ebfd50506ad1a41cb6c398cdafee5e8b61b25544b9360856353477c89c3
Score
8/10
Malware Config
Signatures
Blocklisted process makes network request 1 IoCs
Processes:
rundll32.exe
flow | pid | process
2 | 4408 | rundll32.exe
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 2088 wrote to memory of 4408 | 2088 | rundll32.exe | rundll32.exe
PID 2088 wrote to memory of 4408 | 2088 | rundll32.exe | rundll32.exe
PID 2088 wrote to memory of 4408 | 2088 | rundll32.exe | rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/4408-124-0x0000000000000000-mapping.dmp