9f28ec04f677bb01646176058c6964248406970b83ce63552c56776a8d280a70 | Triage

Analysis

max time kernel
91s
max time network
129s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
14-07-2022 18:35

Sharing

Report Analysis Logs

General

Target

7533.dll
Size

663KB
MD5

1fffb3fdb0a4b780385cc5963fd4d40c
SHA1

8e1b1fbe90572b0c2751797dab5c9a6fed642ce6
SHA256

9f28ec04f677bb01646176058c6964248406970b83ce63552c56776a8d280a70
SHA512

e87c323bea984657be13f991d906f8941a5bab9c57c27ab58afb82b154fe37ed03fd43008b6dd1c42a0275f08527a1b4100b748e844c25628d5c1bd0e70c3757

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 1496 wrote to memory of 5068	1496	rundll32.exe	rundll32.exe
PID 1496 wrote to memory of 5068	1496	rundll32.exe	rundll32.exe
PID 1496 wrote to memory of 5068	1496	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\7533.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1496
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\7533.dll,#1
  2⤵
  PID:5068

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/5068-130-0x0000000000000000-mapping.dmp

Download