6f0494c2516d4274537c33adb59bc532febe2a2c829c5fc68282ff8cd297f556 | Triage

Analysis

max time kernel
81s
max time network
122s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
21/10/2022, 02:05

Sharing

Report Analysis Logs

General

Target

6f0494c2516d4274537c33adb59bc532febe2a2c829c5fc68282ff8cd297f556.dll
Size

3KB
MD5

7be565a02ecc0d219da1418afe883050
SHA1

90be985c55327a03ee640c268ada5fc69632ad11
SHA256

6f0494c2516d4274537c33adb59bc532febe2a2c829c5fc68282ff8cd297f556
SHA512

2dabcd28459a131214e14c0453665aee72971697f2df3a1f9a8acca4a1129a152d5fa42fc03c8e3fd69cd2f0ad16b007c9460f1f1311c536171c5efa0fc28539

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3724 wrote to memory of 2948	3724	rundll32.exe	20
PID 3724 wrote to memory of 2948	3724	rundll32.exe	20
PID 3724 wrote to memory of 2948	3724	rundll32.exe	20

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\6f0494c2516d4274537c33adb59bc532febe2a2c829c5fc68282ff8cd297f556.dll,#1
1⤵
PID:2948

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\6f0494c2516d4274537c33adb59bc532febe2a2c829c5fc68282ff8cd297f556.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3724

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads