Analysis
max time kernel: 157s
max time network: 176s
platform: windows10-2004_x64
resource: win10v2004-20220812-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
submitted: 01/10/2022, 19:37
Static task: static1
Behavioral task: behavioral1
Sample: 33571ada69b1c7b27069a55684935b347f9482f853ecbd7d3a184c6a821e7842.dll
Resource: win7-20220901-en
1 signatures
150 seconds
Behavioral task: behavioral2
Sample: 33571ada69b1c7b27069a55684935b347f9482f853ecbd7d3a184c6a821e7842.dll
Resource: win10v2004-20220812-en
1 signatures
150 seconds
General
Target: 33571ada69b1c7b27069a55684935b347f9482f853ecbd7d3a184c6a821e7842.dll
Size: 3KB
MD5: 74077db156dceb97d53cc27f31506e7d
SHA1: d45b3b98ed2ecf0b543256bbd087dd50b042bec1
SHA256: 33571ada69b1c7b27069a55684935b347f9482f853ecbd7d3a184c6a821e7842
SHA512: 2bbb46e99eecf72397e262f0596c83c79d74176321a8c391436ef808a0bb5a60105b64ef74c57941c1e43007983f95cf22725b6025563da032a788b02fec8f4a
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 4532 wrote to memory of 2184 | 4532 | rundll32.exe | 80
PID 4532 wrote to memory of 2184 | 4532 | rundll32.exe | 80
PID 4532 wrote to memory of 2184 | 4532 | rundll32.exe | 80
Processes
C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\33571ada69b1c7b27069a55684935b347f9482f853ecbd7d3a184c6a821e7842.dll,#11⤵
  - Suspicious use of WriteProcessMemory
  PID: 4532
C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\33571ada69b1c7b27069a55684935b347f9482f853ecbd7d3a184c6a821e7842.dll,#12⤵
  PID: 2184