Analysis
- max time kernel: 39s
- max time network: 43s
- platform: windows7_x64
- resource: win7-20220414-en
- submitted: 12-07-2022 07:11
Static task: static1
Behavioral task: behavioral1
- Sample: 1216-57-0x0000000000290000-0x00000000002B2000-memory.dll
- Resource: win7-20220414-en
- 0 signatures
- 0 seconds
Behavioral task: behavioral2
- Sample: 1216-57-0x0000000000290000-0x00000000002B2000-memory.dll
- Resource: win10v2004-20220414-en
- 0 signatures
- 0 seconds
General
- Target: 1216-57-0x0000000000290000-0x00000000002B2000-memory.dll
- Size: 136KB
- MD5: a742c4d15d4ce685958524d18b6726c5
- SHA1: 91416f6e7dac083be3103aed1b96334a0d8925f6
- SHA256: 3517f96280814abd51fc2c135f60134dc721bbb901568f36df92207c1c70fd6f
- SHA512: 4f71f85d3a4a418052c6be9411b5d36e863c61180e26d314c239e92094d44baa5b8121c89f88524424316ab13f7f7119c7a2c1c4365710254cb2ec9008395b31
Score: 1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (7 IoCs)
  Processes: rundll32.exe
  description                      pid  process       target process
  PID 376 wrote to memory of 1668  376  rundll32.exe  rundll32.exe
  PID 376 wrote to memory of 1668  376  rundll32.exe  rundll32.exe
  PID 376 wrote to memory of 1668  376  rundll32.exe  rundll32.exe
  PID 376 wrote to memory of 1668  376  rundll32.exe  rundll32.exe
  PID 376 wrote to memory of 1668  376  rundll32.exe  rundll32.exe
  PID 376 wrote to memory of 1668  376  rundll32.exe  rundll32.exe
  PID 376 wrote to memory of 1668  376  rundll32.exe  rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\1216-57-0x0000000000290000-0x00000000002B2000-memory.dll,#11
  - Suspicious use of WriteProcessMemory
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\1216-57-0x0000000000290000-0x00000000002B2000-memory.dll,#12