Analysis
- max time kernel: 91s
- max time network: 157s
- platform: windows10-2004_x64
- resource: win10v2004-20220414-en
- submitted: 12-07-2022 07:02
Static task
static1
Behavioral task
behavioral1
Sample
f1c1706d380fd2a149dc7bde40ee795a0ab3dc56aa665b13cbadd131a7aa2235.dll
Resource
win7-20220414-en
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
f1c1706d380fd2a149dc7bde40ee795a0ab3dc56aa665b13cbadd131a7aa2235.dll
Resource
win10v2004-20220414-en
0 signatures
0 seconds
General
- Target: f1c1706d380fd2a149dc7bde40ee795a0ab3dc56aa665b13cbadd131a7aa2235.dll
- Size: 686KB
- MD5: 082949ed3528c239ebc2558a6d3d45c8
- SHA1: bd8997f9ec3ac4de4e27c5424efa9c218aa43521
- SHA256: f1c1706d380fd2a149dc7bde40ee795a0ab3dc56aa665b13cbadd131a7aa2235
- SHA512: 0d8ecc4255d83088cc1fc76c5b7e2b3778772b7123fa155810d85d8db008ab4a18fab55a7f4bfe46238b8255269037eaed1252e8a4d01b68425557c664e0fee3
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
  Processes: rundll32.exe
  description | pid | process | target process
  PID 484 wrote to memory of 3372 | 484 | rundll32.exe | rundll32.exe
  PID 484 wrote to memory of 3372 | 484 | rundll32.exe | rundll32.exe
  PID 484 wrote to memory of 3372 | 484 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\f1c1706d380fd2a149dc7bde40ee795a0ab3dc56aa665b13cbadd131a7aa2235.dll,#11⤵
  - Suspicious use of WriteProcessMemory
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\f1c1706d380fd2a149dc7bde40ee795a0ab3dc56aa665b13cbadd131a7aa2235.dll,#12⤵