Analysis
max time kernel: 39s
max time network: 50s
platform: windows7_x64
resource: win7-20220414-en
submitted: 14-07-2022 09:47
Static task: static1
Behavioral task: behavioral1
Sample: b4736b94230d53ab0aa384868b7b00fa07427e18b9e8171f7b48c46ef2481c58.dll
Resource: win7-20220414-en
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: b4736b94230d53ab0aa384868b7b00fa07427e18b9e8171f7b48c46ef2481c58.dll
Resource: win10v2004-20220414-en
0 signatures
0 seconds
General
Target: b4736b94230d53ab0aa384868b7b00fa07427e18b9e8171f7b48c46ef2481c58.dll
Size: 1.3MB
MD5: 3d46ae39af71d06bb8644da007259e3b
SHA1: 080651a843b1d941e6d70771ed6531c727a4f2a7
SHA256: bd82aa584ad15277fc01dfc6db6b89888d37e7bbbea70046b92bd57c96b3d55d
SHA512: 819c880dc841108b05eca4d2ddcee54745bcc7df2cc6ad4645fe29f66459af375fb1bab7fdf83bd901dc191936bfed30171a2d061445d94299c7c6962bfb3405
Score: 1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory 7 IoCs
Processes: rundll32.exe
description | pid | process | target process
PID 1324 wrote to memory of 2024 | 1324 | rundll32.exe | rundll32.exe
PID 1324 wrote to memory of 2024 | 1324 | rundll32.exe | rundll32.exe
PID 1324 wrote to memory of 2024 | 1324 | rundll32.exe | rundll32.exe
PID 1324 wrote to memory of 2024 | 1324 | rundll32.exe | rundll32.exe
PID 1324 wrote to memory of 2024 | 1324 | rundll32.exe | rundll32.exe
PID 1324 wrote to memory of 2024 | 1324 | rundll32.exe | rundll32.exe
PID 1324 wrote to memory of 2024 | 1324 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\b4736b94230d53ab0aa384868b7b00fa07427e18b9e8171f7b48c46ef2481c58.dll,#11
  - Suspicious use of WriteProcessMemory
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\b4736b94230d53ab0aa384868b7b00fa07427e18b9e8171f7b48c46ef2481c58.dll,#12