Analysis
max time kernel: 153s
max time network: 168s
platform: windows10-2004_x64
resource: win10v2004-20220414-en
submitted: 01-07-2022 04:55
Static task
static1
Behavioral task
behavioral1
Sample
e09e2dc37c17ec2896579f420453c2e24d4c456cdedb19ef21e786dbfce3c001.dll
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
e09e2dc37c17ec2896579f420453c2e24d4c456cdedb19ef21e786dbfce3c001.dll
Resource
win10v2004-20220414-en
windows10-2004_x64
0 signatures
0 seconds
General
Target: e09e2dc37c17ec2896579f420453c2e24d4c456cdedb19ef21e786dbfce3c001.dll
Size: 207KB
MD5: de778a1a6c1e7a6912ec1780290ffa54
SHA1: 39f731a154f0b8ed136741a290e796842c5b146f
SHA256: e09e2dc37c17ec2896579f420453c2e24d4c456cdedb19ef21e786dbfce3c001
SHA512: c180e5bcd44b056f321022a46f6f9232c6f5818b88ff9218551da0aea04d3de0404551d78c75543861ed1c53fe5dc71e8b2fae3a9347a026477f8536f8d93b19
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory 3 IoCs
Processes: rundll32.exe
description | pid | process | target process
PID 2172 wrote to memory of 3176 | 2172 | rundll32.exe | rundll32.exe
PID 2172 wrote to memory of 3176 | 2172 | rundll32.exe | rundll32.exe
PID 2172 wrote to memory of 3176 | 2172 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\e09e2dc37c17ec2896579f420453c2e24d4c456cdedb19ef21e786dbfce3c001.dll,#11
  - Suspicious use of WriteProcessMemory
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\e09e2dc37c17ec2896579f420453c2e24d4c456cdedb19ef21e786dbfce3c001.dll,#12
Network
MITRE ATT&CK Matrix
Downloads
- memory/3176-130-0x0000000000000000-mapping.dmp