Analysis
- max time kernel: 43s
- max time network: 46s
- platform: windows7_x64
- resource: win7-20220414-en
- submitted: 23-06-2022 17:49
Static task: static1
Behavioral task: behavioral1
- Sample: 1724-57-0x00000000001C0000-0x00000000001E2000-memory.dll
- Resource: win7-20220414-en, windows7_x64
- 0 signatures
- 0 seconds
Behavioral task: behavioral2
- Sample: 1724-57-0x00000000001C0000-0x00000000001E2000-memory.dll
- Resource: win10v2004-20220414-en, windows10-2004_x64
- 0 signatures
- 0 seconds
General
- Target: 1724-57-0x00000000001C0000-0x00000000001E2000-memory.dll
- Size: 136KB
- MD5: 2c5174a25a5661f92a3eb7418e01eabe
- SHA1: c780ff742888d55c801a069b4386df17e76e4aa9
- SHA256: 951e441530474011fe64277d16bed9304b7c1017fcc0f1212c16713ce34cb340
- SHA512: 7c2537e933b917009489f5a6cb502556bfc95cf8f8f7aa366f26072b0e7a4d230b9f964fd46ee25f07642d9b2f2ec023d075f4c623a0c7978dce4f2767ac73d1
Score: 1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe
description                        pid   process       target process
PID 1084 wrote to memory of 360    1084  rundll32.exe  rundll32.exe
PID 1084 wrote to memory of 360    1084  rundll32.exe  rundll32.exe
PID 1084 wrote to memory of 360    1084  rundll32.exe  rundll32.exe
PID 1084 wrote to memory of 360    1084  rundll32.exe  rundll32.exe
PID 1084 wrote to memory of 360    1084  rundll32.exe  rundll32.exe
PID 1084 wrote to memory of 360    1084  rundll32.exe  rundll32.exe
PID 1084 wrote to memory of 360    1084  rundll32.exe  rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\1724-57-0x00000000001C0000-0x00000000001E2000-memory.dll,#1
  - Suspicious use of WriteProcessMemory
  - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\1724-57-0x00000000001C0000-0x00000000001E2000-memory.dll,#1