9fd92b2633147d58a5d4a28d1f5f66a11873c4185c44429295cda9956defa6d4 | Triage

Analysis

max time kernel
142s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20220310-en
submitted
14-04-2022 15:00

Sharing

Report Analysis Logs

General

Target

1_Attachments.dll
Size

2.2MB
MD5

555b77d23549e231c8d7f0b003cc5164
SHA1

afde458ab0294f206a5cf832ce4e73661b0308f8
SHA256

9fd92b2633147d58a5d4a28d1f5f66a11873c4185c44429295cda9956defa6d4
SHA512

a2d918e62fa320e73649099d3e15aa9790b39e878c965487e4621d5851d3d867f3b650470849e5518b40f99db0cbf9030807df59b476db266e5ae21b48d65384

Score

8^/10

Malware Config

Signatures

Blocklisted process makes network request 12 IoCs

Processes:

rundll32.exe

flow	pid	Process
1	1744	rundll32.exe
2	1744	rundll32.exe
17	1744	rundll32.exe
19	1744	rundll32.exe
28	1744	rundll32.exe
29	1744	rundll32.exe
42	1744	rundll32.exe
43	1744	rundll32.exe
48	1744	rundll32.exe
49	1744	rundll32.exe
53	1744	rundll32.exe
54	1744	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\1_Attachments.dll,#1
1⤵
- Blocklisted process makes network request
PID:1744

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1744-134-0x00007FF8B4920000-0x00007FF8B4930000-memory.dmp

Filesize
64KB

Download