Analysis
max time kernel: 42s
max time network: 45s
platform: windows7_x64
resource: win7-20220414-en
submitted: 27-04-2022 14:08
Static task
static1
Behavioral task
behavioral1
Sample
f783ff9ae1b860902ce8ce8e084234c7fdee3b231d7b35d90300be4610d7a016.dll
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
Target: f783ff9ae1b860902ce8ce8e084234c7fdee3b231d7b35d90300be4610d7a016.dll
Size: 460KB
MD5: ff96581bcf744d9ae4f9e428528a9ca6
SHA1: 74a17687ae18f4b353e6572eb6176f5038a73efe
SHA256: f783ff9ae1b860902ce8ce8e084234c7fdee3b231d7b35d90300be4610d7a016
SHA512: ef602cf0e37ab54c2f7b388b573e05cbfd93572a5501d2ba3630a7ee108cadb78631e91ba342df45eab9c9c7c5832a94ae22576bbd53d7136a28628fd72ca13a
Score: 1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 880 wrote to memory of 336 | 880 | rundll32.exe | rundll32.exe
PID 880 wrote to memory of 336 | 880 | rundll32.exe | rundll32.exe
PID 880 wrote to memory of 336 | 880 | rundll32.exe | rundll32.exe
PID 880 wrote to memory of 336 | 880 | rundll32.exe | rundll32.exe
PID 880 wrote to memory of 336 | 880 | rundll32.exe | rundll32.exe
PID 880 wrote to memory of 336 | 880 | rundll32.exe | rundll32.exe
PID 880 wrote to memory of 336 | 880 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\f783ff9ae1b860902ce8ce8e084234c7fdee3b231d7b35d90300be4610d7a016.dll,#11
  - Suspicious use of WriteProcessMemory
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\f783ff9ae1b860902ce8ce8e084234c7fdee3b231d7b35d90300be4610d7a016.dll,#12