Overview

overview

10

Static

static

10

8db51157db...f5.dll

windows7-x64

1

8db51157db...f5.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    37s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220718-en
  • resource tags

    arch:x64arch:x86image:win7-20220718-enlocale:en-usos:windows7-x64system
  • submitted
    24-07-2022 21:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8db51157db6c7a55c9ea007a093cb626cfc7e5538d53b8c7dafd0cb8dc50dff5.dll

  • Size

    164KB

  • MD5

    efc1be291659662c42f4b2b932001ed7

  • SHA1

    71aa4fe042965fe89a49ddfc5105a4a68614b480

  • SHA256

    8db51157db6c7a55c9ea007a093cb626cfc7e5538d53b8c7dafd0cb8dc50dff5

  • SHA512

    65978609dc50e4b1579312fde2d3475dd7caffff063630f2a96816b9c8b63778dd2b22d02e0571beab3104d0b8ffb2d2eac4cc5f4d1feaf619b2fad802a6b924

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\8db51157db6c7a55c9ea007a093cb626cfc7e5538d53b8c7dafd0cb8dc50dff5.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1480
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\8db51157db6c7a55c9ea007a093cb626cfc7e5538d53b8c7dafd0cb8dc50dff5.dll,#1
      2⤵
        PID:848

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/848-54-0x0000000000000000-mapping.dmp
      Download
    • memory/848-55-0x00000000754F1000-0x00000000754F3000-memory.dmp
      Filesize

      8KB

      Download
    • memory/848-56-0x0000000002B20000-0x0000000002BE9000-memory.dmp
      Filesize

      804KB

      Download
    • memory/848-58-0x0000000002FF0000-0x000000000311D000-memory.dmp
      Filesize

      1.2MB

      Download
    • memory/848-59-0x0000000000770000-0x000000000078F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/848-60-0x00000000033C0000-0x00000000034C9000-memory.dmp
      Filesize

      1.0MB

      Download
    • memory/848-62-0x0000000000700000-0x0000000000706000-memory.dmp
      Filesize

      24KB

      Download
    • memory/848-61-0x0000000000220000-0x000000000022A000-memory.dmp
      Filesize

      40KB

      Download