Analysis
max time kernel: 42s
max time network: 46s
platform: windows7_x64
resource: win7-20220414-en
submitted: 03-05-2022 13:44
Static task: static1
Behavioral task: behavioral1
Sample: 7a5fca09a04661699fea280ad4db1355bbd42412d70d49203fa7a3ad2fd9ad02.dll
Resource: win7-20220414-en
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: 7a5fca09a04661699fea280ad4db1355bbd42412d70d49203fa7a3ad2fd9ad02.dll
Resource: win10v2004-20220414-en
0 signatures
0 seconds
General
Target: 7a5fca09a04661699fea280ad4db1355bbd42412d70d49203fa7a3ad2fd9ad02.dll
Size: 172KB
MD5: 9814c51cdaa74e6ab7c20d92c4a2d7aa
SHA1: 18291417bb8734cb29e83c9e67f68431d0fc8bc1
SHA256: 7a5fca09a04661699fea280ad4db1355bbd42412d70d49203fa7a3ad2fd9ad02
SHA512: 568b1bede9107ac61bacd59f32af08b1492165b0814146d6b0d7922fbc2e8671eba33a2328c75aa3491ec75fbf17b2f0647fc8eb5f8731ae1c49d1db3a5a3493
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 756 wrote to memory of 852 | 756 | rundll32.exe | rundll32.exe
PID 756 wrote to memory of 852 | 756 | rundll32.exe | rundll32.exe
PID 756 wrote to memory of 852 | 756 | rundll32.exe | rundll32.exe
PID 756 wrote to memory of 852 | 756 | rundll32.exe | rundll32.exe
PID 756 wrote to memory of 852 | 756 | rundll32.exe | rundll32.exe
PID 756 wrote to memory of 852 | 756 | rundll32.exe | rundll32.exe
PID 756 wrote to memory of 852 | 756 | rundll32.exe | rundll32.exe
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\7a5fca09a04661699fea280ad4db1355bbd42412d70d49203fa7a3ad2fd9ad02.dll,#11
- Suspicious use of WriteProcessMemory
PID:756
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\7a5fca09a04661699fea280ad4db1355bbd42412d70d49203fa7a3ad2fd9ad02.dll,#12
PID:852