Analysis
max time kernel: 32s
max time network: 46s
platform: windows7_x64
resource: win7-20220414-en
submitted: 11-06-2022 19:48
Static task
static1
Behavioral task
behavioral1
Sample
253906f90c7308792510faa9e5804f954799f05c25d3d5cf357724407c984234.dll
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
253906f90c7308792510faa9e5804f954799f05c25d3d5cf357724407c984234.dll
Resource
win10v2004-20220414-en
windows10-2004_x64
0 signatures
0 seconds
General
Target: 253906f90c7308792510faa9e5804f954799f05c25d3d5cf357724407c984234.dll
Size: 781KB
MD5: c540b3060453d48fcd241a644ffb1f87
SHA1: 87846597fc99bbcb5f6a47151ad85c275e203374
SHA256: 253906f90c7308792510faa9e5804f954799f05c25d3d5cf357724407c984234
SHA512: f74bf2374333c681f2a7e4292972896cb2edb95521d5d7da5c8026e98d9a825084d1420f6a1777acb7e2b9588fa442798f5e459807ce8ac0136e9fc2ec647347
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 1408 wrote to memory of 1752 | 1408 | rundll32.exe | rundll32.exe
PID 1408 wrote to memory of 1752 | 1408 | rundll32.exe | rundll32.exe
PID 1408 wrote to memory of 1752 | 1408 | rundll32.exe | rundll32.exe
PID 1408 wrote to memory of 1752 | 1408 | rundll32.exe | rundll32.exe
PID 1408 wrote to memory of 1752 | 1408 | rundll32.exe | rundll32.exe
PID 1408 wrote to memory of 1752 | 1408 | rundll32.exe | rundll32.exe
PID 1408 wrote to memory of 1752 | 1408 | rundll32.exe | rundll32.exe
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\253906f90c7308792510faa9e5804f954799f05c25d3d5cf357724407c984234.dll,#11⤵
- Suspicious use of WriteProcessMemory
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\253906f90c7308792510faa9e5804f954799f05c25d3d5cf357724407c984234.dll,#12⤵