Analysis

  • max time kernel
    170s
  • max time network
    47s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    26-06-2022 05:20

General

  • Target

    auth.dll

  • Size

    401KB

  • MD5

    95159f5427c976d28c86aa716799e6de

  • SHA1

    4bfbf8c48f17a7c7269dfc314e5e5bd166db857f

  • SHA256

    f8cc2cf36e193774f13c9c5f23ab777496dcd7ca588f4f73b45a7a5ffa96145e

  • SHA512

    04af830cecd7ec8bf5d2f637a0e52036800d171f8d74f837648bd2129f8d19385fa46ae39c4cb0fc47c03aaa32d17f8739661d8b57b0d3d74532de29fc20f629

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\auth.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1216
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\auth.dll,#1
      2⤵
        PID:2016

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2016-55-0x00000000759F1000-0x00000000759F3000-memory.dmp

      Filesize

      8KB