0df7d928a14496a8c0339efa626cd6c2f30a49125e303c88c2244d46a4767e1c | Triage

Analysis

max time kernel
143s
max time network
180s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
03-10-2022 21:44

Sharing

Report Analysis Logs

General

Target

0df7d928a14496a8c0339efa626cd6c2f30a49125e303c88c2244d46a4767e1c.dll
Size

3KB
MD5

33f729df1034eb0d35b7b36e2ee376e6
SHA1

b2d775425331222040b592879a09af6f5c186e5f
SHA256

0df7d928a14496a8c0339efa626cd6c2f30a49125e303c88c2244d46a4767e1c
SHA512

2fbdcbeb975fb5ac17484af9c662957a4e1d51556f21e09b21ebde088e781204d0cda252245b2eb36fee686e49a1067b7ba955267f372863eb4b6dca57ff4519

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 664 wrote to memory of 4996	664	rundll32.exe	82
PID 664 wrote to memory of 4996	664	rundll32.exe	82
PID 664 wrote to memory of 4996	664	rundll32.exe	82

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\0df7d928a14496a8c0339efa626cd6c2f30a49125e303c88c2244d46a4767e1c.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:664
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\0df7d928a14496a8c0339efa626cd6c2f30a49125e303c88c2244d46a4767e1c.dll,#1
  2⤵
  PID:4996

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads