421867abea3ce5f660f9cf6ec1dc62a57d92edc122638d81e7a2d4ec389dd27a

Analysis

Target

421867abea3ce5f660f9cf6ec1dc62a57d92edc122638d81e7a2d4ec389dd27a.dll
Size

164KB
MD5

f9fc3de9c93b204279d32d682d6607b3
SHA1

c63832b46663954e5bd1791190302f97153e1102
SHA256

421867abea3ce5f660f9cf6ec1dc62a57d92edc122638d81e7a2d4ec389dd27a
SHA512

520e9ccfc7196cac3a27e8ee6c6f7daaa46717e4e88f08106dd693ac9f13b1bbb3e30ea08e245cd2ed8088ab672ea1708c5aa963535465b4b86a58dc2dd0ef3a

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 972 wrote to memory of 956	972	rundll32.exe	rundll32.exe
PID 972 wrote to memory of 956	972	rundll32.exe	rundll32.exe
PID 972 wrote to memory of 956	972	rundll32.exe	rundll32.exe
PID 972 wrote to memory of 956	972	rundll32.exe	rundll32.exe
PID 972 wrote to memory of 956	972	rundll32.exe	rundll32.exe
PID 972 wrote to memory of 956	972	rundll32.exe	rundll32.exe
PID 972 wrote to memory of 956	972	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\421867abea3ce5f660f9cf6ec1dc62a57d92edc122638d81e7a2d4ec389dd27a.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:972

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\421867abea3ce5f660f9cf6ec1dc62a57d92edc122638d81e7a2d4ec389dd27a.dll,#1
2⤵
PID:956

memory/956-54-0x0000000000000000-mapping.dmp

Download
memory/956-55-0x00000000753B1000-0x00000000753B3000-memory.dmp

Filesize
8KB

Download
memory/956-57-0x0000000002FAA000-0x0000000002FC1000-memory.dmp

Filesize
92KB

Download
memory/956-58-0x0000000002FD0000-0x00000000030FD000-memory.dmp

Filesize
1.2MB

Download
memory/956-59-0x0000000000370000-0x000000000038F000-memory.dmp

Filesize
124KB

Download
memory/956-60-0x0000000003450000-0x0000000003559000-memory.dmp

Filesize
1.0MB

Download
memory/956-62-0x0000000000180000-0x0000000000186000-memory.dmp

Filesize
24KB

Download
memory/956-61-0x0000000000140000-0x000000000014A000-memory.dmp

Filesize
40KB

Download