Analysis

  • max time kernel
    14s
  • max time network
    175s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    19-04-2022 04:06

General

  • Target

    456750efc3ddf0cd4593164d18b55287eec0ede2799e753e5883db21dbbef8c3.dll

  • Size

    275KB

  • MD5

    4ec9ed400a8d45b102bcf85de77218c3

  • SHA1

    2d482fb741a7e30f70e6c6a48bfa2d3aff94a82d

  • SHA256

    456750efc3ddf0cd4593164d18b55287eec0ede2799e753e5883db21dbbef8c3

  • SHA512

    cd284443049bb5645049989d89803414ab8180759f97388033a8ccfdf165deda5f7efac6102cca9a6a4c147b36b694ba75d5cc46226b7bf234fa808191177a0a

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\456750efc3ddf0cd4593164d18b55287eec0ede2799e753e5883db21dbbef8c3.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1160
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\456750efc3ddf0cd4593164d18b55287eec0ede2799e753e5883db21dbbef8c3.dll,#1
      2⤵
        PID:1716

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1716-54-0x0000000000000000-mapping.dmp

    • memory/1716-55-0x0000000076451000-0x0000000076453000-memory.dmp

      Filesize

      8KB