Analysis
max time kernel: 91s
max time network: 135s
platform: windows10-2004_x64
resource: win10v2004-20220414-en
submitted: 25-06-2022 10:35
Behavioral task: behavioral1
Sample: e0aea52c33e6ae0c0ba163ad450cbdb79202049b551bf95b5ebfcd6857e01d4b.dll
Resource: win7-20220414-en (windows7_x64)
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: e0aea52c33e6ae0c0ba163ad450cbdb79202049b551bf95b5ebfcd6857e01d4b.dll
Resource: win10v2004-20220414-en (windows10-2004_x64)
0 signatures
0 seconds
General
Target: e0aea52c33e6ae0c0ba163ad450cbdb79202049b551bf95b5ebfcd6857e01d4b.dll
Size: 193KB
MD5: a45e39ca766a10661daa9ef36db9669c
SHA1: c8406be4dcc440e356ceeccea2d5e2312d86684a
SHA256: e0aea52c33e6ae0c0ba163ad450cbdb79202049b551bf95b5ebfcd6857e01d4b
SHA512: 2b02112ab3d4ca67d9e37178dd7bcdc2f82380fc1b5d0e6764d514565484b3f05237f6c180f8d337d727cf8b7beb7362771343907d74733d77417a98a99aa83d
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 1540 wrote to memory of 3704 | 1540 | rundll32.exe | rundll32.exe
PID 1540 wrote to memory of 3704 | 1540 | rundll32.exe | rundll32.exe
PID 1540 wrote to memory of 3704 | 1540 | rundll32.exe | rundll32.exe
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\e0aea52c33e6ae0c0ba163ad450cbdb79202049b551bf95b5ebfcd6857e01d4b.dll,#11
- Suspicious use of WriteProcessMemory
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\e0aea52c33e6ae0c0ba163ad450cbdb79202049b551bf95b5ebfcd6857e01d4b.dll,#12
Network
MITRE ATT&CK Matrix
Downloads
memory/3704-130-0x0000000000000000-mapping.dmp