Analysis
max time kernel: 144s
max time network: 127s
platform: windows10-2004_x64
resource: win10v2004-20220812-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
submitted: 13-09-2022 11:08
Static task: static1
Behavioral task: behavioral1
Sample: 1309.dll
Resource: win7-20220812-en (windows7-x64)
5 signatures, 150 seconds
Behavioral task: behavioral2
Sample: 1309.dll
Resource: win10v2004-20220812-en (windows10-2004-x64)
1 signatures, 150 seconds
General
Target: 1309.dll
Size: 536KB
MD5: f724c9c1c66ffb25cfa2a1806cf5163c
SHA1: 1afebb477e4da1d476ae03795a2007863d5bba45
SHA256: 0fa902b9a3cd0299b79c427036ca2a356292c76c7a85da1312860db02486ab36
SHA512: c4f72aba68dcb274383be28a4c36a3918168ffbe457501362fc6f2e7956ae79a55042c290a661d5bf48db60a756e5784c4b47e85ee1aaef17a3f68cc3f4e3d06
SSDEEP: 12288:OzxVoNEXfnRXaF0IsZQWkQsHipSzERvCey4CZfxz4um:UvoQfhE0IbRiLRq3bzp
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 4796 wrote to memory of 4788 | 4796 | rundll32.exe | rundll32.exe
PID 4796 wrote to memory of 4788 | 4796 | rundll32.exe | rundll32.exe
PID 4796 wrote to memory of 4788 | 4796 | rundll32.exe | rundll32.exe