Analysis

  • max time kernel
    167s
  • max time network
    188s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-11-2022 22:53

General

  • Target

    Fotos.dll

  • Size

    908KB

  • MD5

    82f340ab0c2ada41d4b5be7e859db4ce

  • SHA1

    a85ed3d4402d86688043df78c1f8e03959b1847a

  • SHA256

    e599ad6972d8c255028d343ce17b7a3a951f0b88d4c72c423b395b4906b44534

  • SHA512

    bc0b3da4121eb5c45fb93cd40785d13180d27e7a1f8eb7d1a62f9d2f7c526e8e34a35ec4084959acb278774ca160360d661abdebc12cdf0c110465370edf0dab

  • SSDEEP

    12288:/RU+PnumcrlCE4aaQN+CULU52eQMalnTLfNz36VQTwTiJ888888888888W88888P:JEhn4aaQNHaK2eQXpl36VBTi

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Fotos.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4880
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\Fotos.dll,#1
      2⤵
        PID:4700

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads