b76be407e4c2a98f4ce2220f007d5a78d7a6b01e6ba1fba4eb5ad5e36483cb1a

Analysis

max time kernel
39s
max time network
44s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
03/10/2022, 19:18

Target

b76be407e4c2a98f4ce2220f007d5a78d7a6b01e6ba1fba4eb5ad5e36483cb1a.dll
Size

58KB
MD5

6dacff7e39243c0343e975fca21d2350
SHA1

352e7fbbcc47978faa536c117b6e79f78f3b1579
SHA256

b76be407e4c2a98f4ce2220f007d5a78d7a6b01e6ba1fba4eb5ad5e36483cb1a
SHA512

1d7d55b77ceda76bcc2a856c0bfd49abd293f15acd0767752663f9b09a559fe1e1039c10f8177c002a3e864efd2f0d5503134765c36d04e956e6bddd7e6c72a4
SSDEEP

768:2VafbmXKXqwqj9OpUt4/qoZ2bMYPdruaDrTMnhx7/HMi+2YKIIPVkKa4SBbJHPN3:2IfbmtOpUtoqoQvfDrghNT+2w8mbJ1//

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 1504 wrote to memory of 1460	1504	rundll32.exe	26
PID 1504 wrote to memory of 1460	1504	rundll32.exe	26
PID 1504 wrote to memory of 1460	1504	rundll32.exe	26
PID 1504 wrote to memory of 1460	1504	rundll32.exe	26
PID 1504 wrote to memory of 1460	1504	rundll32.exe	26
PID 1504 wrote to memory of 1460	1504	rundll32.exe	26
PID 1504 wrote to memory of 1460	1504	rundll32.exe	26

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\b76be407e4c2a98f4ce2220f007d5a78d7a6b01e6ba1fba4eb5ad5e36483cb1a.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1504
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\b76be407e4c2a98f4ce2220f007d5a78d7a6b01e6ba1fba4eb5ad5e36483cb1a.dll,#1
  2⤵
  PID:1460

memory/1460-55-0x00000000768A1000-0x00000000768A3000-memory.dmp

Filesize
8KB

Download