Overview

overview

1

Static

static

7caa5da404...58.dll

windows7-x64

1

7caa5da404...58.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    45s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    11/10/2022, 05:15

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    7caa5da40477cdbd71a653086882e288ef1323984b63bfa23b2aba05e15ff458.dll

  • Size

    128KB

  • MD5

    739fae3390f56f19ad0494f51a3a2738

  • SHA1

    45f4052135a12fbbf670c6ea7e67176f0f50628f

  • SHA256

    7caa5da40477cdbd71a653086882e288ef1323984b63bfa23b2aba05e15ff458

  • SHA512

    c0aa6c5b61784a44c05326eac099f306cb28ba0e8746d9ac24db4aa9db96353b3d2d60155a80859c66b8706fe300c30364dc2a8163b3061ae3b5b990ea212223

  • SSDEEP

    1536:JTi4jxiyt/QZHcODQONc8+P93GFoFH32FmlD9/fgKMFoa2vIyhoodBsC:dXaHr3cnPJgk2gDRGFoZvIyhoovsC

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\7caa5da40477cdbd71a653086882e288ef1323984b63bfa23b2aba05e15ff458.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2028
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\7caa5da40477cdbd71a653086882e288ef1323984b63bfa23b2aba05e15ff458.dll,#1
      2⤵
        PID:1388

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/1388-55-0x00000000759F1000-0x00000000759F3000-memory.dmp

            Filesize

            8KB

            Download

          • memory/1388-56-0x0000000000220000-0x000000000022D000-memory.dmp

            Filesize

            52KB

            Download

          • memory/1388-58-0x0000000010000000-0x000000001000C000-memory.dmp

            Filesize

            48KB

            Download

          • memory/1388-61-0x0000000000220000-0x000000000022D000-memory.dmp

            Filesize

            52KB

            Download

          • memory/1388-62-0x0000000000220000-0x0000000000226000-memory.dmp

            Filesize

            24KB

            Download