Overview

overview

1

Static

static

85263c971a...4b.dll

windows7-x64

1

85263c971a...4b.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    114s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02-10-2022 22:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    85263c971a18a0e82ebd42fc0fca2222f0de55ab0a960a2ac390a0e14c958c4b.dll

  • Size

    76KB

  • MD5

    4c7648dae0200c09f278c28cbfa41900

  • SHA1

    41911f51a4f5e3a84d10399b3861c8697a4de0f5

  • SHA256

    85263c971a18a0e82ebd42fc0fca2222f0de55ab0a960a2ac390a0e14c958c4b

  • SHA512

    aacc5b72fbec444448e267239c5006b80948a5e1e673586142ba3f7cf1f4f543606b35c052319612b45e72283abb2be56b4f0f8c01cdecba8affe43fa6d4f0a1

  • SSDEEP

    1536:9DWFwc8+TpKSKiuowMAYGpAYJnodSIINxHvTrUKOXh4l:9Dowc8FiuCAYGpAYJnodQvE4l

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\85263c971a18a0e82ebd42fc0fca2222f0de55ab0a960a2ac390a0e14c958c4b.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1284
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\85263c971a18a0e82ebd42fc0fca2222f0de55ab0a960a2ac390a0e14c958c4b.dll,#1
      2⤵
        PID:2152

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2152-132-0x0000000000000000-mapping.dmp

      Download