Analysis
-
max time kernel
218s -
max time network
333s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
23-11-2022 17:03
General
-
Target
4a60edf9be5ddfb5d394282ea30b5d5779c9d93d004f10aa06f0b110a133cd28.dll
-
Size
176KB
-
MD5
5a9365adfbdb8aac6d01510d019131fc
-
SHA1
4975e33073191ebb142e33aa2a926d622eeb1ec9
-
SHA256
4a60edf9be5ddfb5d394282ea30b5d5779c9d93d004f10aa06f0b110a133cd28
-
SHA512
0fa6ef5d41a8a4c97dcff4252a2e2c13c668b6e5c22a182b569c26f9db06b31a53afc803333b3a1d60f0cda232e80aff27f5ff7da57afb981dfe34912f87a027
-
SSDEEP
1536:M3JfgivKsLMSb/Zp+GThg4kuH79vJRK/Yhil25zdR99Dbrs6poM3+5Rf8D6ZsPal:MemR1b/Zp9g4/KMik5zdbO/TvPqeZ
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\4a60edf9be5ddfb5d394282ea30b5d5779c9d93d004f10aa06f0b110a133cd28.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\4a60edf9be5ddfb5d394282ea30b5d5779c9d93d004f10aa06f0b110a133cd28.dll,#12⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/960-54-0x0000000000000000-mapping.dmp
-
memory/960-55-0x00000000753F1000-0x00000000753F3000-memory.dmpFilesize
8KB
-
memory/960-56-0x0000000010000000-0x000000001002D000-memory.dmpFilesize
180KB
-
memory/960-57-0x00000000001C0000-0x00000000001CF000-memory.dmpFilesize
60KB
-
memory/960-58-0x00000000001D0000-0x00000000001DF000-memory.dmpFilesize
60KB