Analysis
- max time kernel: 42s
- max time network: 45s
- platform: windows7_x64
- resource: win7-20220414-en
- submitted: 24-06-2022 18:01
Static task: static1

Behavioral task: behavioral1
- Sample: 2032-57-0x00000000002C0000-0x00000000002E2000-memory.dll
- Resource: win7-20220414-en (windows7_x64)
- 0 signatures
- 0 seconds

Behavioral task: behavioral2
- Sample: 2032-57-0x00000000002C0000-0x00000000002E2000-memory.dll
- Resource: win10v2004-20220414-en (windows10-2004_x64)
- 0 signatures
- 0 seconds
General
- Target: 2032-57-0x00000000002C0000-0x00000000002E2000-memory.dll
- Size: 136KB
- MD5: d39b947a8921fa094990a5597793df84
- SHA1: abcd6c238607020cd9f7025d9d3c990e0afe5204
- SHA256: 6feb59e3a87b97539ba5be533cef98d9e450746f6d28e646b53ae07b96d3eea9
- SHA512: 137e60fbdba679a32c6563965e4b1fe326a7bfd19c0bc107c89cffbc72f7183bb71fa9ad0e97a0123c9bd49271a7b41f06ae7100d56076683a96008d1524c25b

Score: 1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (7 IoCs)
  Processes: rundll32.exe

  description                       pid    process        target process
  PID 1976 wrote to memory of 888   1976   rundll32.exe   rundll32.exe
  PID 1976 wrote to memory of 888   1976   rundll32.exe   rundll32.exe
  PID 1976 wrote to memory of 888   1976   rundll32.exe   rundll32.exe
  PID 1976 wrote to memory of 888   1976   rundll32.exe   rundll32.exe
  PID 1976 wrote to memory of 888   1976   rundll32.exe   rundll32.exe
  PID 1976 wrote to memory of 888   1976   rundll32.exe   rundll32.exe
  PID 1976 wrote to memory of 888   1976   rundll32.exe   rundll32.exe
Processes
1. C:\Windows\system32\rundll32.exe
   Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\2032-57-0x00000000002C0000-0x00000000002E2000-memory.dll,#1
   - Suspicious use of WriteProcessMemory
2. C:\Windows\SysWOW64\rundll32.exe
   Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\2032-57-0x00000000002C0000-0x00000000002E2000-memory.dll,#1