Overview

overview

1

Static

static

6427b416a8...fb.dll

windows7-x64

1

6427b416a8...fb.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    187s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/10/2022, 23:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6427b416a8449f4b299488e4b4a8541bae977b2c293fa3dd7f24a58780d449fb.dll

  • Size

    4KB

  • MD5

    4b63973f3bb508f86fb09f4a9e4c7f50

  • SHA1

    c828dd61544286faf66795414f6dfcc9f5bbf1f5

  • SHA256

    6427b416a8449f4b299488e4b4a8541bae977b2c293fa3dd7f24a58780d449fb

  • SHA512

    52120aebab38940053e4c4141941064f937169850fff79ae61efd0d2b902e51f657dd85cf8b69d2d7c52a7dd8ffc5c8c23edcf5e7527e41dfd1f2be23b821e06

  • SSDEEP

    48:qHupGeMcCB96DrhWHR0FiIsipZlM+u+eAPMDQHpyuLv6omzwF7:PMXB0rw0MI/pwbdbA

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\6427b416a8449f4b299488e4b4a8541bae977b2c293fa3dd7f24a58780d449fb.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4816
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\6427b416a8449f4b299488e4b4a8541bae977b2c293fa3dd7f24a58780d449fb.dll,#1
      2⤵
        PID:1320

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads