ff2693010b02d796fd906a3a6a8da9a556fb7d97d2f4546afa1c908df463c1f4

Analysis

max time kernel
31s
max time network
35s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
05-09-2022 07:52

Target

GuyletsExternalRidJoinerGui/RID_DLL.dll
Size

16KB
MD5

20c2b7cf987323c6c6785c1869cf7688
SHA1

ae854f58414915d235d695d981aae7f3badf46d8
SHA256

5541bed9488c93006b7eee09c666bf816669159a44e88512cf4e9ee33494af2e
SHA512

176942cb0fb744f18d277ac7bb38fc1f5721aa7ee18d672b86d1eaa30f92f9f58e1813bad4105671c116aef886d3857b03e2fc6ece62dc34932f97ae06d9ad24
SSDEEP

192:bYB/LHgtYS0B0UZkvNuZ/lJh3rKRleg30assgAV20V1DLF5XKJ:bG/LHgtcle6vh3r0leKxF5I

Score

1^/10

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

rundll32.exe

pid process

4788 rundll32.exe
4788 rundll32.exe

pid	process
4788	rundll32.exe
4788	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\GuyletsExternalRidJoinerGui\RID_DLL.dll,#1
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:4788