Analysis
max time kernel
167s
max time network
188s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags
arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
submitted
25-11-2022 22:53
Static task
static1
Behavioral task
behavioral1
Sample
Fotos.dll
Resource
win7-20220812-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
Fotos.dll
Resource
win10v2004-20220812-en
windows10-2004-x64
1 signatures
150 seconds
General
Target
Fotos.dll
Size
908KB
MD5
82f340ab0c2ada41d4b5be7e859db4ce
SHA1
a85ed3d4402d86688043df78c1f8e03959b1847a
SHA256
e599ad6972d8c255028d343ce17b7a3a951f0b88d4c72c423b395b4906b44534
SHA512
bc0b3da4121eb5c45fb93cd40785d13180d27e7a1f8eb7d1a62f9d2f7c526e8e34a35ec4084959acb278774ca160360d661abdebc12cdf0c110465370edf0dab
SSDEEP
12288:/RU+PnumcrlCE4aaQN+CULU52eQMalnTLfNz36VQTwTiJ888888888888W88888P:JEhn4aaQNHaK2eQXpl36VBTi
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 3 IoCs
description | pid | Process | procid_target
PID 4880 wrote to memory of 4700 | 4880 | rundll32.exe | 77
PID 4880 wrote to memory of 4700 | 4880 | rundll32.exe | 77
PID 4880 wrote to memory of 4700 | 4880 | rundll32.exe | 77