Analysis
max time kernel: 39s
max time network: 46s
platform: windows7_x64
resource: win7-20220414-en
submitted: 12-06-2022 13:46
Static task
static1
Behavioral task
behavioral1
Sample
2011f4ed15d6ad002670fdfe8fffc2fbd7cff4c8e7bd9d16746f9884a79a24b1.dll
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
2011f4ed15d6ad002670fdfe8fffc2fbd7cff4c8e7bd9d16746f9884a79a24b1.dll
Resource
win10v2004-20220414-en
windows10-2004_x64
0 signatures
0 seconds
General
Target: 2011f4ed15d6ad002670fdfe8fffc2fbd7cff4c8e7bd9d16746f9884a79a24b1.dll
Size: 164KB
MD5: 3ad4c27f8d0e7135f401474811bd9b25
SHA1: 9eb3c7f77134c49fbe1bdda2d2ef4fb6eb5377ce
SHA256: 2011f4ed15d6ad002670fdfe8fffc2fbd7cff4c8e7bd9d16746f9884a79a24b1
SHA512: 38bca02223716d44c209345c3a165264bb0a7009353c7e57db22ef7143e49a18ce1908e15abd5fae7b93e74c64c305b88bd32b5a862096b7c2b950a142e2f971
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 1944 wrote to memory of 828 | 1944 | rundll32.exe | rundll32.exe
PID 1944 wrote to memory of 828 | 1944 | rundll32.exe | rundll32.exe
PID 1944 wrote to memory of 828 | 1944 | rundll32.exe | rundll32.exe
PID 1944 wrote to memory of 828 | 1944 | rundll32.exe | rundll32.exe
PID 1944 wrote to memory of 828 | 1944 | rundll32.exe | rundll32.exe
PID 1944 wrote to memory of 828 | 1944 | rundll32.exe | rundll32.exe
PID 1944 wrote to memory of 828 | 1944 | rundll32.exe | rundll32.exe
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\2011f4ed15d6ad002670fdfe8fffc2fbd7cff4c8e7bd9d16746f9884a79a24b1.dll,#11
- Suspicious use of WriteProcessMemory
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\2011f4ed15d6ad002670fdfe8fffc2fbd7cff4c8e7bd9d16746f9884a79a24b1.dll,#12