Analysis
max time kernel: 44s
max time network: 50s
platform: windows7_x64
resource: win7-20220901-en
resource tags: arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
submitted: 20/10/2022, 14:50
Static task: static1

Behavioral task: behavioral1
Sample: 7679dc9331447348c977a425aa56017ecb0d49e10818e86fbb520f051d4b2cd1.dll
Resource: win7-20220901-en
1 signatures
150 seconds

Behavioral task: behavioral2
Sample: 7679dc9331447348c977a425aa56017ecb0d49e10818e86fbb520f051d4b2cd1.dll
Resource: win10v2004-20220812-en
1 signatures
150 seconds
General
Target: 7679dc9331447348c977a425aa56017ecb0d49e10818e86fbb520f051d4b2cd1.dll
Size: 3KB
MD5: 80a8128860a4b7d9397a710e8034f987
SHA1: 77b5c6f662dedfb5df583479948ed13f8f9b6cac
SHA256: 7679dc9331447348c977a425aa56017ecb0d49e10818e86fbb520f051d4b2cd1
SHA512: a9922269bff27193e2e95136f17a93275a05c91c504be98b7c9434f6a427690de7f2baadcfb6e036a5b5ebca28efc95d91bc506d7f9b6af01db671e909aa762f
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
description                        pid    Process        procid_target
PID 1304 wrote to memory of 2012   1304   rundll32.exe   27
PID 1304 wrote to memory of 2012   1304   rundll32.exe   27
PID 1304 wrote to memory of 2012   1304   rundll32.exe   27
PID 1304 wrote to memory of 2012   1304   rundll32.exe   27
PID 1304 wrote to memory of 2012   1304   rundll32.exe   27
PID 1304 wrote to memory of 2012   1304   rundll32.exe   27
PID 1304 wrote to memory of 2012   1304   rundll32.exe   27
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\7679dc9331447348c977a425aa56017ecb0d49e10818e86fbb520f051d4b2cd1.dll,#11
- Suspicious use of WriteProcessMemory
PID:1304
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\7679dc9331447348c977a425aa56017ecb0d49e10818e86fbb520f051d4b2cd1.dll,#12
PID:2012