Analysis
max time kernel: 42s
max time network: 46s
platform: windows7_x64
resource: win7-20220812-en
resource tags: arch:x64 arch:x86 image:win7-20220812-en locale:en-us os:windows7-x64 system
submitted: 19-09-2022 04:50
Static task: static1

Behavioral task: behavioral1
Sample: 37a22e9a8b0f08bd29e01f82446b33eaaac857a0eda45233a1c50109ac2ac46f.dll
Resource: win7-20220812-en, windows7-x64
1 signatures
150 seconds

Behavioral task: behavioral2
Sample: 37a22e9a8b0f08bd29e01f82446b33eaaac857a0eda45233a1c50109ac2ac46f.dll
Resource: win10v2004-20220901-en, windows10-2004-x64
1 signatures
150 seconds
General
Target: 37a22e9a8b0f08bd29e01f82446b33eaaac857a0eda45233a1c50109ac2ac46f.dll
Size: 3KB
MD5: 4627847767d2f8ed6fd75330aaebb91a
SHA1: 8b521d4cd81a5925264816b32d99a9ac178f468a
SHA256: 37a22e9a8b0f08bd29e01f82446b33eaaac857a0eda45233a1c50109ac2ac46f
SHA512: 4d9f2c8946da423afec2806483afe1c3e909a200a792ba9d63fd3208f2c649ba5f6c96170b633bd7fa96ff6533ba4ab955857691aeff5ce45256f872f22d9c92
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
description                        pid    Process         procid_target
PID 1456 wrote to memory of 996    1456   rundll32.exe    24
PID 1456 wrote to memory of 996    1456   rundll32.exe    24
PID 1456 wrote to memory of 996    1456   rundll32.exe    24
PID 1456 wrote to memory of 996    1456   rundll32.exe    24
PID 1456 wrote to memory of 996    1456   rundll32.exe    24
PID 1456 wrote to memory of 996    1456   rundll32.exe    24
PID 1456 wrote to memory of 996    1456   rundll32.exe    24
Processes
C:\Windows\system32\rundll32.exe
  Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\37a22e9a8b0f08bd29e01f82446b33eaaac857a0eda45233a1c50109ac2ac46f.dll,#1
  Suspicious use of WriteProcessMemory
  PID: 1456
    C:\Windows\SysWOW64\rundll32.exe
      Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\37a22e9a8b0f08bd29e01f82446b33eaaac857a0eda45233a1c50109ac2ac46f.dll,#1
      PID: 996