Analysis

  • max time kernel
    44s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    12-07-2022 08:26

General

  • Target

    964-57-0x0000000001E20000-0x0000000001E42000-memory.dll

  • Size

    136KB

  • MD5

    ac31ead58e8d3885e403c3862227eb98

  • SHA1

    4dc65c6c5ba23d9880e07dde72078ddabf82d095

  • SHA256

    ca353249a1cd426a6c9d2572ba447c1362d8f8126f59dce700092fa325b2b32d

  • SHA512

    ccbb324c10889bc338d094f63ca4ad520b0aa96dd72e0670af656cd1ae8c5fe30095df669950168355f50c453fc7c707bb687eb8bf2600b4605710c58effbe83

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\964-57-0x0000000001E20000-0x0000000001E42000-memory.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:536
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\964-57-0x0000000001E20000-0x0000000001E42000-memory.dll,#1
      2⤵
        PID:896

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/896-54-0x0000000000000000-mapping.dmp

    • memory/896-55-0x0000000075B61000-0x0000000075B63000-memory.dmp

      Filesize

      8KB