Analysis
-
max time kernel
170s -
max time network
47s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
26-06-2022 05:20
Static task
static1
Behavioral task
behavioral1
Sample
auth.dll
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
auth.dll
Resource
win10v2004-20220414-en
windows10-2004_x64
0 signatures
0 seconds
General
-
Target
auth.dll
-
Size
401KB
-
MD5
95159f5427c976d28c86aa716799e6de
-
SHA1
4bfbf8c48f17a7c7269dfc314e5e5bd166db857f
-
SHA256
f8cc2cf36e193774f13c9c5f23ab777496dcd7ca588f4f73b45a7a5ffa96145e
-
SHA512
04af830cecd7ec8bf5d2f637a0e52036800d171f8d74f837648bd2129f8d19385fa46ae39c4cb0fc47c03aaa32d17f8739661d8b57b0d3d74532de29fc20f629
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 1216 wrote to memory of 2016 1216 rundll32.exe 28 PID 1216 wrote to memory of 2016 1216 rundll32.exe 28 PID 1216 wrote to memory of 2016 1216 rundll32.exe 28 PID 1216 wrote to memory of 2016 1216 rundll32.exe 28 PID 1216 wrote to memory of 2016 1216 rundll32.exe 28 PID 1216 wrote to memory of 2016 1216 rundll32.exe 28 PID 1216 wrote to memory of 2016 1216 rundll32.exe 28