Analysis

  • max time kernel
    39s
  • max time network
    48s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64 arch:x86 image:win7-20220901-en locale:en-us os:windows7-x64 system
  • submitted
    03/10/2022, 20:16

General

  • Target

    19c14ca6173117323b48624d93c0cb0823c741df91017ae0015c8db6aed1217d.dll

  • Size

    434KB

  • MD5

    f8d05007ae88e61aec1c5643a2a0bec3

  • SHA1

    dfe5089be3658af9192ae12c62fdcab440d5039c

  • SHA256

    19c14ca6173117323b48624d93c0cb0823c741df91017ae0015c8db6aed1217d

  • SHA512

    d7ff8d458082b9166b0ccc429a93c1529c820a6991d360d74b1bf0ef422f32f3e876f32614e7803ffc9d25d7ebcc4cf5c2a27fedca8d346ddcc3a735b18b9115

  • SSDEEP

    6144:Tg07JKSLE60u17Iv3uATHUoupegtZTq6xpM9HFF9eFLBy9lMNJV:E03uWU2cH4pJ/Tq6E9H30LD

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\19c14ca6173117323b48624d93c0cb0823c741df91017ae0015c8db6aed1217d.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1516
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\19c14ca6173117323b48624d93c0cb0823c741df91017ae0015c8db6aed1217d.dll,#1
      2⤵
      • Suspicious use of SetWindowsHookEx
      PID:1576

Network

        MITRE ATT&CK Matrix


        Downloads

        • memory/1576-55-0x0000000075111000-0x0000000075113000-memory.dmp

          Filesize

          8KB

        • memory/1576-56-0x0000000010000000-0x0000000010138000-memory.dmp

          Filesize

          1.2MB

        • memory/1576-57-0x0000000010000000-0x0000000010138000-memory.dmp

          Filesize

          1.2MB

        • memory/1576-58-0x0000000010000000-0x0000000010138000-memory.dmp

          Filesize

          1.2MB