761066444dbbcf5700d3f353e832345608ae82d56beba40c763ba390777f105e | Triage

Analysis

max time kernel
184s
max time network
191s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
02/10/2022, 01:02

Sharing

Report Analysis Logs

General

Target

761066444dbbcf5700d3f353e832345608ae82d56beba40c763ba390777f105e.dll
Size

3KB
MD5

636f20e51ffec8f95929e19e7f3a5260
SHA1

fd13bff16cda8fed1d7f2914b1d9021deeb2622d
SHA256

761066444dbbcf5700d3f353e832345608ae82d56beba40c763ba390777f105e
SHA512

f30623dd2b0fe50d9665e7bdd9cfed8cfda3bfd9bd9660102caf8f4d843a9295725139d2eb53ae369c8eab04977854e5da3ce05d6c2af24590c7b980e1655067

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2272 wrote to memory of 4796	2272	rundll32.exe	80
PID 2272 wrote to memory of 4796	2272	rundll32.exe	80
PID 2272 wrote to memory of 4796	2272	rundll32.exe	80

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\761066444dbbcf5700d3f353e832345608ae82d56beba40c763ba390777f105e.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2272
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\761066444dbbcf5700d3f353e832345608ae82d56beba40c763ba390777f105e.dll,#1
  2⤵
  PID:4796

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads