Analysis
-
max time kernel
44s -
max time network
49s -
platform
windows7_x64 -
resource
win7-20220901-en -
resource tags
arch:x64 arch:x86 image:win7-20220901-en locale:en-us os:windows7-x64 system -
submitted
01/10/2022, 19:37
Static task
static1
Behavioral task
behavioral1
Sample
33571ada69b1c7b27069a55684935b347f9482f853ecbd7d3a184c6a821e7842.dll
Resource
win7-20220901-en
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
33571ada69b1c7b27069a55684935b347f9482f853ecbd7d3a184c6a821e7842.dll
Resource
win10v2004-20220812-en
1 signatures
150 seconds
General
-
Target
33571ada69b1c7b27069a55684935b347f9482f853ecbd7d3a184c6a821e7842.dll
-
Size
3KB
-
MD5
74077db156dceb97d53cc27f31506e7d
-
SHA1
d45b3b98ed2ecf0b543256bbd087dd50b042bec1
-
SHA256
33571ada69b1c7b27069a55684935b347f9482f853ecbd7d3a184c6a821e7842
-
SHA512
2bbb46e99eecf72397e262f0596c83c79d74176321a8c391436ef808a0bb5a60105b64ef74c57941c1e43007983f95cf22725b6025563da032a788b02fec8f4a
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description                        pid   Process       procid_target
PID 1104 wrote to memory of 1744   1104  rundll32.exe  27
PID 1104 wrote to memory of 1744   1104  rundll32.exe  27
PID 1104 wrote to memory of 1744   1104  rundll32.exe  27
PID 1104 wrote to memory of 1744   1104  rundll32.exe  27
PID 1104 wrote to memory of 1744   1104  rundll32.exe  27
PID 1104 wrote to memory of 1744   1104  rundll32.exe  27
PID 1104 wrote to memory of 1744   1104  rundll32.exe  27
Processes
-
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\33571ada69b1c7b27069a55684935b347f9482f853ecbd7d3a184c6a821e7842.dll,#11
- Suspicious use of WriteProcessMemory
PID:1104 -
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\33571ada69b1c7b27069a55684935b347f9482f853ecbd7d3a184c6a821e7842.dll,#12
PID:1744
-