Overview

overview

10

Static

static

10

624-57-0x0...ry.dll

windows7_x64

1

624-57-0x0...ry.dll

windows10-2004_x64

1

Analysis

  • max time kernel
    69s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    24-06-2022 18:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    624-57-0x0000000000290000-0x00000000002B2000-memory.dll

  • Size

    136KB

  • MD5

    a2e5b6f6fc7d63b2e629718834494b95

  • SHA1

    fc6d2bfda1d3630b8520aa4fcf85711b009f0674

  • SHA256

    8de5cba541edd74b188e8689fcb2282f6f2b01db88021de7c66a0c416ebb76ba

  • SHA512

    b53d066b35bf356ae2393d039df9536853b53279eca18c339a41d4cd8852e31ca6e0da0f87690953c576f9c73349da0612e400565bc5483f6a15177831eabb0b

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 27 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\624-57-0x0000000000290000-0x00000000002B2000-memory.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1864
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\624-57-0x0000000000290000-0x00000000002B2000-memory.dll,#1
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:4020
      • C:\Windows\SysWOW64\rundll32.exe
        rundll32.exe C:\Users\Admin\AppData\Local\Temp\624-57-0x0000000000290000-0x00000000002B2000-memory.dll,#1
        3⤵
        • Suspicious use of WriteProcessMemory
        PID:1224
        • C:\Windows\SysWOW64\rundll32.exe
          rundll32.exe C:\Users\Admin\AppData\Local\Temp\624-57-0x0000000000290000-0x00000000002B2000-memory.dll,#1
          4⤵
          • Suspicious use of WriteProcessMemory
          PID:1616
          • C:\Windows\SysWOW64\rundll32.exe
            rundll32.exe C:\Users\Admin\AppData\Local\Temp\624-57-0x0000000000290000-0x00000000002B2000-memory.dll,#1
            5⤵
            • Suspicious use of WriteProcessMemory
            PID:1944
            • C:\Windows\SysWOW64\rundll32.exe
              rundll32.exe C:\Users\Admin\AppData\Local\Temp\624-57-0x0000000000290000-0x00000000002B2000-memory.dll,#1
              6⤵
              • Suspicious use of WriteProcessMemory
              PID:2344
              • C:\Windows\SysWOW64\rundll32.exe
                rundll32.exe C:\Users\Admin\AppData\Local\Temp\624-57-0x0000000000290000-0x00000000002B2000-memory.dll,#1
                7⤵
                • Suspicious use of WriteProcessMemory
                PID:3260
                • C:\Windows\SysWOW64\rundll32.exe
                  rundll32.exe C:\Users\Admin\AppData\Local\Temp\624-57-0x0000000000290000-0x00000000002B2000-memory.dll,#1
                  8⤵
                  • Suspicious use of WriteProcessMemory
                  PID:3440
                  • C:\Windows\SysWOW64\rundll32.exe
                    rundll32.exe C:\Users\Admin\AppData\Local\Temp\624-57-0x0000000000290000-0x00000000002B2000-memory.dll,#1
                    9⤵
                    • Suspicious use of WriteProcessMemory
                    PID:3692
                    • C:\Windows\SysWOW64\rundll32.exe
                      rundll32.exe C:\Users\Admin\AppData\Local\Temp\624-57-0x0000000000290000-0x00000000002B2000-memory.dll,#1
                      10⤵
                        PID:4960

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1224-131-0x0000000000000000-mapping.dmp
      Download
    • memory/1616-132-0x0000000000000000-mapping.dmp
      Download
    • memory/1944-133-0x0000000000000000-mapping.dmp
      Download
    • memory/2344-134-0x0000000000000000-mapping.dmp
      Download
    • memory/3260-135-0x0000000000000000-mapping.dmp
      Download
    • memory/3440-136-0x0000000000000000-mapping.dmp
      Download
    • memory/3692-137-0x0000000000000000-mapping.dmp
      Download
    • memory/4020-130-0x0000000000000000-mapping.dmp
      Download
    • memory/4960-138-0x0000000000000000-mapping.dmp
      Download