69a7a5ef34600745be9dddc8257efd72daa9bfe5a9f6bc05089a29c5f0a12299

Analysis

max time kernel
44s
max time network
48s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
25-11-2022 23:00

Target

69a7a5ef34600745be9dddc8257efd72daa9bfe5a9f6bc05089a29c5f0a12299.dll
Size

165KB
MD5

ef7ba718be972680c5ba2df75c610c81
SHA1

878a7017e47acfa29dff91a074cd40462fbbcbfa
SHA256

69a7a5ef34600745be9dddc8257efd72daa9bfe5a9f6bc05089a29c5f0a12299
SHA512

f5e142cb18f6788412d3088e2da69ff46adf0540f597f18d94cf1fc9d73dc1e2c3de68d50347463b3d4817544046aec8fc4e547b1d32fc33c6d8a04e151fe26c
SSDEEP

3072:XYJqtaPjU4QbFctodhT3HCeVO3AP955CSGjDT76tkoRAr1L5tv19qCVy0EKHsj3M:X5taP6Fcif3H5VO3AVcDyLRe1L5VPqYL

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 2016 wrote to memory of 1080	2016	rundll32.exe	rundll32.exe
PID 2016 wrote to memory of 1080	2016	rundll32.exe	rundll32.exe
PID 2016 wrote to memory of 1080	2016	rundll32.exe	rundll32.exe
PID 2016 wrote to memory of 1080	2016	rundll32.exe	rundll32.exe
PID 2016 wrote to memory of 1080	2016	rundll32.exe	rundll32.exe
PID 2016 wrote to memory of 1080	2016	rundll32.exe	rundll32.exe
PID 2016 wrote to memory of 1080	2016	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\69a7a5ef34600745be9dddc8257efd72daa9bfe5a9f6bc05089a29c5f0a12299.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2016

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\69a7a5ef34600745be9dddc8257efd72daa9bfe5a9f6bc05089a29c5f0a12299.dll,#1
2⤵
PID:1080

memory/1080-54-0x0000000000000000-mapping.dmp

Download
memory/1080-55-0x0000000075A71000-0x0000000075A73000-memory.dmp

Filesize
8KB

Download
memory/1080-56-0x0000000075290000-0x00000000752EE000-memory.dmp

Filesize
376KB

Download
memory/1080-58-0x0000000075290000-0x00000000752EE000-memory.dmp

Filesize
376KB

Download
memory/1080-57-0x0000000075230000-0x000000007528E000-memory.dmp

Filesize
376KB

Download