Analysis

  • max time kernel
    185s
  • max time network
    190s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20220812-en locale:en-us os:windows10-2004-x64 system
  • submitted
    21/10/2022, 01:04

General

  • Target

    f1211840d031828c96c6b14f6a295ea3be296ef501ff4be8c7df721ad242c35a.dll

  • Size

    6KB

  • MD5

    505a45b855ed2a98305b8d9af6e8951e

  • SHA1

    573553747b3832ac362a05b43cd741be40d639c6

  • SHA256

    f1211840d031828c96c6b14f6a295ea3be296ef501ff4be8c7df721ad242c35a

  • SHA512

    80e99ae25d695cd1a5f3c64ac011fb80ef34f7f54fd5ea25b6c88ff279bfc2aa67456b089cb09c01f24dc6f847f2429666d858f45d7b873e8f90e413a61e86f8

  • SSDEEP

    48:CfqNkYh+A9GSE8w7uCeL5l7zuUl6T0yRv5kK3KKX7iwwc9cdbcpnNYB27dc3:oWqSE97uCeFl7XrKXScKdYXYl

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\f1211840d031828c96c6b14f6a295ea3be296ef501ff4be8c7df721ad242c35a.dll,#1
    • Suspicious use of WriteProcessMemory
    PID:4808
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\f1211840d031828c96c6b14f6a295ea3be296ef501ff4be8c7df721ad242c35a.dll,#1
      PID:1984

Network

MITRE ATT&CK Matrix