738db198323e2e66313a2832f45061d008fe1f6ed55031ca47c09d9174ec4783 | Triage

Analysis

max time kernel
91s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
30/10/2022, 00:49

Sharing

Report Analysis Logs

General

Target

738db198323e2e66313a2832f45061d008fe1f6ed55031ca47c09d9174ec4783.dll
Size

4KB
MD5

8513a2f638ff41ed867db35bcc5894dd
SHA1

23f32c5852d24da047e47af25179f2594ee5349f
SHA256

738db198323e2e66313a2832f45061d008fe1f6ed55031ca47c09d9174ec4783
SHA512

97ecd0f510e3cd02dce5d9278e363738148d69a56273a4b62798300fb994b8421745dcc81eca58f67311167f73c303a9d8abbbe9341b4858899c61e0cf6f4369

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4488 wrote to memory of 4708	4488	rundll32.exe	28
PID 4488 wrote to memory of 4708	4488	rundll32.exe	28
PID 4488 wrote to memory of 4708	4488	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\738db198323e2e66313a2832f45061d008fe1f6ed55031ca47c09d9174ec4783.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4488
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\738db198323e2e66313a2832f45061d008fe1f6ed55031ca47c09d9174ec4783.dll,#1
  2⤵
  PID:4708

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads