Analysis
- max time kernel: 91s
- max time network: 155s
- platform: windows10-2004_x64
- resource: win10v2004-20220414-en
- submitted: 12-07-2022 07:03
Static task
static1

Behavioral task
behavioral1
- Sample: 7bad50b94eb8142e6ba3b68116f0d3f185582e1e2661085040c37b0f21dc6a85.dll
- Resource: win7-20220414-en
- 0 signatures
- 0 seconds

Behavioral task
behavioral2
- Sample: 7bad50b94eb8142e6ba3b68116f0d3f185582e1e2661085040c37b0f21dc6a85.dll
- Resource: win10v2004-20220414-en
- 0 signatures
- 0 seconds
General
- Target: 7bad50b94eb8142e6ba3b68116f0d3f185582e1e2661085040c37b0f21dc6a85.dll
- Size: 686KB
- MD5: 03b4779695d01b1d9e2178a4b2308418
- SHA1: bb673af6c22c1712670477c20b35127c76d141e2
- SHA256: 7bad50b94eb8142e6ba3b68116f0d3f185582e1e2661085040c37b0f21dc6a85
- SHA512: 02303e4f88d3156176ef762c31329e2bd34234be7ef1fab857f37a0f623fc590e579826d3513d64b07926c5e55bacb3b888354fc2a9c66a7e00f4f921576a48b
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
  Processes: rundll32.exe

  | description | pid | process | target process |
  | --- | --- | --- | --- |
  | PID 4476 wrote to memory of 2156 | 4476 | rundll32.exe | rundll32.exe |
  | PID 4476 wrote to memory of 2156 | 4476 | rundll32.exe | rundll32.exe |
  | PID 4476 wrote to memory of 2156 | 4476 | rundll32.exe | rundll32.exe |
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\7bad50b94eb8142e6ba3b68116f0d3f185582e1e2661085040c37b0f21dc6a85.dll,#11
  - Suspicious use of WriteProcessMemory
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\7bad50b94eb8142e6ba3b68116f0d3f185582e1e2661085040c37b0f21dc6a85.dll,#12