Analysis
max time kernel: 42s
max time network: 45s
platform: windows7_x64
resource: win7-20220331-en
submitted: 14-04-2022 11:30
Static task: static1
Behavioral task: behavioral1
Sample: shellcode.mz.dll
Resource: win7-20220331-en, windows7_x64
0 signatures
0 seconds
General
Target: shellcode.mz.dll
Size: 203KB
MD5: df36111e9c238c1bbacbc671b7f32198
SHA1: 6afd5cc8552d139fd86bad5acb39326221dd574a
SHA256: dbefad925e7c876dd2d5ffa4f541bb759de9f3633ce4640709dcd12aa41d7dc8
SHA512: 1b9d13d79dabe57fb39ce9af1b12f7007c4d0ef39c3605ab3eb0d97101ca31a4f65f9c66c8e06f5ae64ef516384e772c2ca0906d759494b3141085867c582c26
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 1008 wrote to memory of 1840 | 1008 | rundll32.exe | rundll32.exe
PID 1008 wrote to memory of 1840 | 1008 | rundll32.exe | rundll32.exe
PID 1008 wrote to memory of 1840 | 1008 | rundll32.exe | rundll32.exe
PID 1008 wrote to memory of 1840 | 1008 | rundll32.exe | rundll32.exe
PID 1008 wrote to memory of 1840 | 1008 | rundll32.exe | rundll32.exe
PID 1008 wrote to memory of 1840 | 1008 | rundll32.exe | rundll32.exe
PID 1008 wrote to memory of 1840 | 1008 | rundll32.exe | rundll32.exe