Analysis
-
max time kernel
47s -
max time network
51s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
30-06-2022 09:25
Static task
static1
Behavioral task
behavioral1
Sample
pkmcntrs.dll
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
pkmcntrs.dll
Resource
win10v2004-20220414-en
windows10-2004_x64
0 signatures
0 seconds
General
-
Target
pkmcntrs.dll
-
Size
1.5MB
-
MD5
d902d9b6580de0f0264e23b4000b5070
-
SHA1
9ca85ea9142c2135fc912bbbcb6d1db85c40f3a4
-
SHA256
67a9e8599ab71865a97e75dae9be438c24d015a93e6a12fb5b450ec558528290
-
SHA512
c971dacbfd9b9bb9e6a6f6d666576c2ff5f8854941b5b9c5057d907032cdba902fab7723bcb2b81108b2657edc964ef90d78f2a43252714350129e72b3c4416b
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes:
rundll32.exedescription pid process target process PID 1512 wrote to memory of 1660 1512 rundll32.exe rundll32.exe PID 1512 wrote to memory of 1660 1512 rundll32.exe rundll32.exe PID 1512 wrote to memory of 1660 1512 rundll32.exe rundll32.exe PID 1512 wrote to memory of 1660 1512 rundll32.exe rundll32.exe PID 1512 wrote to memory of 1660 1512 rundll32.exe rundll32.exe PID 1512 wrote to memory of 1660 1512 rundll32.exe rundll32.exe PID 1512 wrote to memory of 1660 1512 rundll32.exe rundll32.exe