cf4968f87901d839e6c416c2e639861b1d72e087f0b3b6e0dc8e920a4eca84f9

Analysis

max time kernel
55s
max time network
74s
platform
windows10-1703_x64
resource
win10-20220812-en
resource tags

arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
submitted
12-09-2022 21:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

tf2_public.dll
Size

460KB
MD5

10783282c637aa490dd4a388f2f04f1e
SHA1

9718cc8afcdbdb6616cb5bd9515e96370e9f676a
SHA256

cf4968f87901d839e6c416c2e639861b1d72e087f0b3b6e0dc8e920a4eca84f9
SHA512

cdff887aafba4d288033eeb4d09e18910c584d6945aa7cc059878fa976e3e743d086d1e8f5dbebb788ec16c0c33e5d97e28262518fe649a718818ac1b745fa21
SSDEEP

12288:cC+lQSx9duOxlH/U/KoxFNgxnlnqgg5phGJshSMXlzbze:cCOPxNaKozNgxnlnrMhGJshSMXlzb

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2672 wrote to memory of 2692	2672	rundll32.exe	66
PID 2672 wrote to memory of 2692	2672	rundll32.exe	66
PID 2672 wrote to memory of 2692	2672	rundll32.exe	66

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\tf2_public.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2672
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\tf2_public.dll,#1
  2⤵
  PID:2692

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2692-116-0x0000000000000000-mapping.dmp

Download
memory/2692-117-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-118-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-119-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-120-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-121-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-122-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-123-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-124-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-125-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-126-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-127-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-128-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-129-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-130-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-131-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-132-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-133-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-134-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-135-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-136-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-137-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-139-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-138-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-140-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-141-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-143-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-142-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-144-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-145-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-146-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-147-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-148-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-149-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-150-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-151-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-152-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-153-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-154-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-155-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-156-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-157-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-158-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-159-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-160-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-161-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-163-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-162-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-164-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-165-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-166-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download
memory/2692-167-0x0000000077B40000-0x0000000077CCE000-memory.dmp

Filesize
1.6MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads