Analysis
- max time kernel: 40s
- max time network: 46s
- platform: windows7_x64
- resource: win7-20220414-en
- submitted: 03-07-2022 18:03
Static task
static1
Behavioral task
behavioral1
Sample
3b092887a1b6ae5ee20d24eee5e2980cfb155cbbc3cf3737e6bb227f10bc90c5.dll
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
3b092887a1b6ae5ee20d24eee5e2980cfb155cbbc3cf3737e6bb227f10bc90c5.dll
Resource
win10v2004-20220414-en
windows10-2004_x64
0 signatures
0 seconds
General
- Target: 3b092887a1b6ae5ee20d24eee5e2980cfb155cbbc3cf3737e6bb227f10bc90c5.dll
- Size: 207KB
- MD5: a87641df2604d52fd9047e13dd89f63f
- SHA1: a225f12977332cdbe151664789897982ac9adcd6
- SHA256: 3b092887a1b6ae5ee20d24eee5e2980cfb155cbbc3cf3737e6bb227f10bc90c5
- SHA512: 97c24072a7656e7095a97cbdcbf7aa2a0e47b774d22b3113e63d38b3426e08a84adfe779a832accafd9a5ddfca478cf0b5a0cf23f7547ba04d64e40061a0dd03
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (7 IoCs)
  Processes: rundll32.exe
  description | pid | process | target process
  PID 780 wrote to memory of 908 | 780 | rundll32.exe | rundll32.exe
  PID 780 wrote to memory of 908 | 780 | rundll32.exe | rundll32.exe
  PID 780 wrote to memory of 908 | 780 | rundll32.exe | rundll32.exe
  PID 780 wrote to memory of 908 | 780 | rundll32.exe | rundll32.exe
  PID 780 wrote to memory of 908 | 780 | rundll32.exe | rundll32.exe
  PID 780 wrote to memory of 908 | 780 | rundll32.exe | rundll32.exe
  PID 780 wrote to memory of 908 | 780 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\3b092887a1b6ae5ee20d24eee5e2980cfb155cbbc3cf3737e6bb227f10bc90c5.dll,#1
  - Suspicious use of WriteProcessMemory
  - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\3b092887a1b6ae5ee20d24eee5e2980cfb155cbbc3cf3737e6bb227f10bc90c5.dll,#1