Analysis Overview
score
1/10
SHA256
2c179565c3c2f9f67516d9c66394abb92c11979875e51e0fcebaf1529722163e
Threat Level: No (potentially) malicious behavior was detected
The file pwrls.dll was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
N/A
MITRE ATT&CK
N/A
Analysis: static1
Detonation Overview
Reported
2022-11-01 10:37
Signatures
N/A
Analysis: behavioral1
Detonation Overview
Submitted
2022-11-01 10:37
Reported
2022-11-01 10:40
Platform
win7-20220812-en
Max time kernel
39s
Max time network
46s
Command Line
rundll32.exe C:\Users\Admin\AppData\Local\Temp\pwrls.dll,#1
Signatures
N/A
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\pwrls.dll,#1
Network
N/A
Files
N/A
Analysis: behavioral2
Detonation Overview
Submitted
2022-11-01 10:37
Reported
2022-11-01 10:40
Platform
win10v2004-20220901-en
Max time kernel
91s
Max time network
136s
Command Line
rundll32.exe C:\Users\Admin\AppData\Local\Temp\pwrls.dll,#1
Signatures
N/A
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\pwrls.dll,#1
Network
| Country | Destination | Domain | Proto |
| NL | 104.80.225.205:443 | tcp | |
| US | 20.189.173.4:443 | tcp | |
| US | 8.253.183.120:80 | tcp | |
| US | 8.253.183.120:80 | tcp | |
| US | 8.253.183.120:80 | tcp |
Files
N/A