Analysis

  • max time kernel
    44s
  • max time network
    48s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    12-07-2022 13:01

General

  • Target

    Plugins/CmdBar.dll

  • Size

    63KB

  • MD5

    6c7ba28fd1aacd8c4f5c46f76b855199

  • SHA1

    c908a3763dda6ed0bc59a3030e080852a15fc6ec

  • SHA256

    f9cf91a8c49149c7b05f61185a869af9878a73a19905bad07fa7ac83fe4ed46e

  • SHA512

    25854d739fdb61a925f4a2f97f01201c10f1d2286239a0d291a6c1003404d50f43934399cab7d2dc338c43b10eca7f937c4bcd047e279b474909689a83f5405c

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Plugins\CmdBar.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1600
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\Plugins\CmdBar.dll,#1
      2⤵
        PID:908

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/908-54-0x0000000000000000-mapping.dmp

    • memory/908-55-0x0000000075CD1000-0x0000000075CD3000-memory.dmp

      Filesize

      8KB

    • memory/908-56-0x00000000001A1000-0x00000000001AB000-memory.dmp

      Filesize

      40KB