Overview

overview

10

Static

static

10

2020-57-0x...ry.dll

windows7_x64

1

2020-57-0x...ry.dll

windows10-2004_x64

1

Analysis

  • max time kernel
    41s
  • max time network
    44s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    23-06-2022 16:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2020-57-0x0000000000130000-0x0000000000152000-memory.dll

  • Size

    136KB

  • MD5

    936275392cd229ed68f3823c9a4f3abd

  • SHA1

    c7e0e91ea09e5fe34d86667e93ac028f1716ad33

  • SHA256

    7cb65998d07f7b3140d91a429172edaa571da2bef138350f2d800f2541ce71b8

  • SHA512

    2ea8bfad5018ec73952652cb050453938a1f57f83d6d1486bedd1853be96316799bfa4498a5f46d2a41b572aa98b68c5b5f10a5d5649ee0459f3e8c85f3823a6

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\2020-57-0x0000000000130000-0x0000000000152000-memory.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1984
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\2020-57-0x0000000000130000-0x0000000000152000-memory.dll,#1
      2⤵
        PID:1524

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1524-54-0x0000000000000000-mapping.dmp
      Download
    • memory/1524-55-0x00000000756E1000-0x00000000756E3000-memory.dmp
      Filesize

      8KB

      Download