3c6b3c611939bfeab2f3490fc8f788a1566bc6bb83cb0441bc4d339ef2b31306 | Triage

Analysis

max time kernel
43s
max time network
46s
platform
windows7_x64
resource
win7-20220414-en
submitted
21-05-2022 10:43

Sharing

Report Analysis Logs

General

Target

rgoc2.dll
Size

276KB
MD5

280c45fdd645059f35e47aef8e4d555c
SHA1

56d8b5335b3dec6bfb260522c65170aa6b3b5798
SHA256

df90e36ead46dcff6b6235a71ef05f6ca52250f432ddb46a4a0b8b9142660ba3
SHA512

0ad96ed3d1628a394fea1dad45e95feaf27cfae8b22107c764f2f6a920aa4df5391047ef1424033159fd1d06a7ccffb5cfcfadf742d214d8edf3fe097b5899ac

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes:

rundll32.exe

pid process

1224 rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\rgoc2.dll,#1
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:1224

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1224-54-0x0000000000380000-0x0000000000383000-memory.dmp

Filesize
12KB

Download
memory/1224-55-0x000007FEF6D30000-0x000007FEF6D9A000-memory.dmp

Filesize
424KB

Download