Analysis
-
max time kernel
144s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system -
submitted
23-11-2022 18:58
Static task
static1
Behavioral task
behavioral1
Sample
12c09ace23ca076a4ee7beb3e7088e7e6ab83b3900d55e6b416e3bf6a91d9ef6.dll
Resource
win7-20220812-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
12c09ace23ca076a4ee7beb3e7088e7e6ab83b3900d55e6b416e3bf6a91d9ef6.dll
Resource
win10v2004-20221111-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
12c09ace23ca076a4ee7beb3e7088e7e6ab83b3900d55e6b416e3bf6a91d9ef6.dll
-
Size
3KB
-
MD5
51b19adba7f496971c6c4702d7730643
-
SHA1
366e55d302f287dd34b17fd42471894ec5cc6a3b
-
SHA256
12c09ace23ca076a4ee7beb3e7088e7e6ab83b3900d55e6b416e3bf6a91d9ef6
-
SHA512
934918dd686c785e3cd092eb766362dfd9b36f80c6fb5ac179b53c022c4e086d85186f88165a9175557581ed8a7d636e4b9c6a1e863a541d288dce9d6b737a5a
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exedescription pid process target process PID 3532 wrote to memory of 4660 3532 rundll32.exe rundll32.exe PID 3532 wrote to memory of 4660 3532 rundll32.exe rundll32.exe PID 3532 wrote to memory of 4660 3532 rundll32.exe rundll32.exe
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\12c09ace23ca076a4ee7beb3e7088e7e6ab83b3900d55e6b416e3bf6a91d9ef6.dll,#11⤵
- Suspicious use of WriteProcessMemory
PID:3532 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\12c09ace23ca076a4ee7beb3e7088e7e6ab83b3900d55e6b416e3bf6a91d9ef6.dll,#12⤵PID:4660
-