Analysis
-
max time kernel
40s -
max time network
46s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
20-06-2022 17:43
General
-
Target
31d5da67869ebf3128331168e6ab52b19a3a7e9c5d76276ad4ddff6f65205002.dll
-
Size
164KB
-
MD5
4df3a5cb9ed1cf9f416dbd2715ae37b2
-
SHA1
5d00efcbc5f607062e80fcd183d6f46591283fa8
-
SHA256
31d5da67869ebf3128331168e6ab52b19a3a7e9c5d76276ad4ddff6f65205002
-
SHA512
aa4e6debeccd24bfe14af345c7ce72062a70aff9d1b5a1318af0c7f2e2431855c4d1677bceaa667d06f0b7e3cd297ea1115846874fbe99a4e2ea8b40745a28f6
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\31d5da67869ebf3128331168e6ab52b19a3a7e9c5d76276ad4ddff6f65205002.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\31d5da67869ebf3128331168e6ab52b19a3a7e9c5d76276ad4ddff6f65205002.dll,#12⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/956-54-0x0000000000000000-mapping.dmp
-
memory/956-55-0x0000000076C81000-0x0000000076C83000-memory.dmpFilesize
8KB
-
memory/956-57-0x0000000002B20000-0x0000000002BBF000-memory.dmpFilesize
636KB
-
memory/956-59-0x00000000002F0000-0x000000000030F000-memory.dmpFilesize
124KB
-
memory/956-60-0x0000000000120000-0x000000000012A000-memory.dmpFilesize
40KB
-
memory/956-61-0x00000000001A0000-0x00000000001A6000-memory.dmpFilesize
24KB
-
memory/956-62-0x0000000003420000-0x0000000003529000-memory.dmpFilesize
1.0MB
-
memory/956-63-0x00000000001A0000-0x00000000001A6000-memory.dmpFilesize
24KB