Analysis
max time kernel
31s
max time network
49s
platform
windows7_x64
resource
win7-20220414-en
submitted
30-05-2022 23:48
Static task
static1
Behavioral task
behavioral1
Sample
07fe14af3cb2a2c6c8d86580111bf0471b57475159e5de07a17dcc812a1b9d79.dll
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
07fe14af3cb2a2c6c8d86580111bf0471b57475159e5de07a17dcc812a1b9d79.dll
Resource
win10v2004-20220414-en
windows10-2004_x64
0 signatures
0 seconds
General
Target
07fe14af3cb2a2c6c8d86580111bf0471b57475159e5de07a17dcc812a1b9d79.dll
Size
164KB
MD5
aad6aa0d64bf9a70e51a5357db81aeaf
SHA1
d32f5f8c343e96a4b407e1b24d93738d98f0bc90
SHA256
07fe14af3cb2a2c6c8d86580111bf0471b57475159e5de07a17dcc812a1b9d79
SHA512
047629759663a1ce2536f52ea0ab1210d43af8a857b4cc7d980420220f4736696aefadb15b8c31d80c82bb61f8d595fe16e59a26aa8827b301943208c4193a39
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 7 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 284 wrote to memory of 1684 | 284 | rundll32.exe | rundll32.exe
PID 284 wrote to memory of 1684 | 284 | rundll32.exe | rundll32.exe
PID 284 wrote to memory of 1684 | 284 | rundll32.exe | rundll32.exe
PID 284 wrote to memory of 1684 | 284 | rundll32.exe | rundll32.exe
PID 284 wrote to memory of 1684 | 284 | rundll32.exe | rundll32.exe
PID 284 wrote to memory of 1684 | 284 | rundll32.exe | rundll32.exe
PID 284 wrote to memory of 1684 | 284 | rundll32.exe | rundll32.exe
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\07fe14af3cb2a2c6c8d86580111bf0471b57475159e5de07a17dcc812a1b9d79.dll,#11
- Suspicious use of WriteProcessMemory
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\07fe14af3cb2a2c6c8d86580111bf0471b57475159e5de07a17dcc812a1b9d79.dll,#12