Analysis
max time kernel: 15s
max time network: 46s
platform: windows7_x64
resource: win7-20220414-en
submitted: 08-07-2022 14:21
Static task
static1
Behavioral task
behavioral1
Sample
701f00df01347389b263cd50cd6b4e86669704503011732a9ce0fbd71baaa00e.dll
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
701f00df01347389b263cd50cd6b4e86669704503011732a9ce0fbd71baaa00e.dll
Resource
win10v2004-20220414-en
windows10-2004_x64
0 signatures
0 seconds
General
Target: 701f00df01347389b263cd50cd6b4e86669704503011732a9ce0fbd71baaa00e.dll
Size: 1.8MB
MD5: d7aceb8a882d4d181ba658d4f4c48123
SHA1: 4d187b3df5575f0c68986bd7c5eb95b50e7f40e4
SHA256: 701f00df01347389b263cd50cd6b4e86669704503011732a9ce0fbd71baaa00e
SHA512: 29e2d226bed25374ec28502f5d193824f3504c4d698a7ec7acdd2ca8af9b786fcb6c6d96e03db1d040cbd43e884d4b75f1ee511142b671e585e52de7f2e743e4
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 7 IoCs
Processes: rundll32.exe
description | pid | process | target process
PID 1688 wrote to memory of 1092 | 1688 | rundll32.exe | rundll32.exe
PID 1688 wrote to memory of 1092 | 1688 | rundll32.exe | rundll32.exe
PID 1688 wrote to memory of 1092 | 1688 | rundll32.exe | rundll32.exe
PID 1688 wrote to memory of 1092 | 1688 | rundll32.exe | rundll32.exe
PID 1688 wrote to memory of 1092 | 1688 | rundll32.exe | rundll32.exe
PID 1688 wrote to memory of 1092 | 1688 | rundll32.exe | rundll32.exe
PID 1688 wrote to memory of 1092 | 1688 | rundll32.exe | rundll32.exe
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\701f00df01347389b263cd50cd6b4e86669704503011732a9ce0fbd71baaa00e.dll,#11
- Suspicious use of WriteProcessMemory
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\701f00df01347389b263cd50cd6b4e86669704503011732a9ce0fbd71baaa00e.dll,#12