Overview

overview

5

Static

static

0586a7b0d8...1c.dll

windows7-x64

1

0586a7b0d8...1c.dll

windows10-2004-x64

5

Analysis

  • max time kernel
    41s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    30/10/2022, 08:36

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    0586a7b0d853e1a1c57317f9f13074febab166ba9565fb727312024a70c6ff1c.dll

  • Size

    49KB

  • MD5

    926b28f2d269f3da6d08c1d2447ab4b4

  • SHA1

    67514404f9cef9d536c8c12b87f8a9f0ad77221c

  • SHA256

    0586a7b0d853e1a1c57317f9f13074febab166ba9565fb727312024a70c6ff1c

  • SHA512

    29a7f4331312dff172fb8da1d37649dc4508a85648be7491af95cfdec9b3fa1e517949e54f4833af448db429614c9fc60e4e50adf092c5acbdb3067b376cae2c

  • SSDEEP

    768:SirONmlxmkST08z7TouNF44K9GjXi3bEf5qyfkCYD48H3t8ezXKCfU:SRolU3zThF4r9GjXibE3febH98ezXKIU

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\0586a7b0d853e1a1c57317f9f13074febab166ba9565fb727312024a70c6ff1c.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2000
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\0586a7b0d853e1a1c57317f9f13074febab166ba9565fb727312024a70c6ff1c.dll,#1
      2⤵
        PID:1948

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/1948-55-0x0000000074F01000-0x0000000074F03000-memory.dmp

            Filesize

            8KB

            Download

          • memory/1948-56-0x0000000010000000-0x000000001001D000-memory.dmp

            Filesize

            116KB

            Download

          • memory/1948-57-0x0000000010000000-0x000000001001D000-memory.dmp

            Filesize

            116KB

            Download

          • memory/1948-58-0x0000000010000000-0x000000001001D000-memory.dmp

            Filesize

            116KB

            Download

          • memory/1948-59-0x0000000000120000-0x0000000000125000-memory.dmp

            Filesize

            20KB

            Download