231a31d0998ade210bbec14121191459fdee8202b14422a4200a004aca332a5e | Triage

Analysis

max time kernel
61s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
30/10/2022, 05:27

Sharing

Report Analysis Logs

General

Target

231a31d0998ade210bbec14121191459fdee8202b14422a4200a004aca332a5e.dll
Size

3KB
MD5

83b692174166af1060c33214767a75d0
SHA1

74c74905fd0dfe9bfbe1a0f2f4fb37f395cd474d
SHA256

231a31d0998ade210bbec14121191459fdee8202b14422a4200a004aca332a5e
SHA512

37d9ab4412303f77bf661a417c21ba236012971dfad3b5e2da713ac000dd2cee20c36f120772ddc5651d2206a0f9cc54da91a272203c9d19c469cd09722d0b7c

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4480 wrote to memory of 1156	4480	rundll32.exe	82
PID 4480 wrote to memory of 1156	4480	rundll32.exe	82
PID 4480 wrote to memory of 1156	4480	rundll32.exe	82

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\231a31d0998ade210bbec14121191459fdee8202b14422a4200a004aca332a5e.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4480
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\231a31d0998ade210bbec14121191459fdee8202b14422a4200a004aca332a5e.dll,#1
  2⤵
  PID:1156

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads