Overview

overview

8

Static

static

8

69a7a5ef34...99.dll

windows7-x64

1

69a7a5ef34...99.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    44s
  • max time network
    48s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    25-11-2022 23:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    69a7a5ef34600745be9dddc8257efd72daa9bfe5a9f6bc05089a29c5f0a12299.dll

  • Size

    165KB

  • MD5

    ef7ba718be972680c5ba2df75c610c81

  • SHA1

    878a7017e47acfa29dff91a074cd40462fbbcbfa

  • SHA256

    69a7a5ef34600745be9dddc8257efd72daa9bfe5a9f6bc05089a29c5f0a12299

  • SHA512

    f5e142cb18f6788412d3088e2da69ff46adf0540f597f18d94cf1fc9d73dc1e2c3de68d50347463b3d4817544046aec8fc4e547b1d32fc33c6d8a04e151fe26c

  • SSDEEP

    3072:XYJqtaPjU4QbFctodhT3HCeVO3AP955CSGjDT76tkoRAr1L5tv19qCVy0EKHsj3M:X5taP6Fcif3H5VO3AVcDyLRe1L5VPqYL

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\69a7a5ef34600745be9dddc8257efd72daa9bfe5a9f6bc05089a29c5f0a12299.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2016
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\69a7a5ef34600745be9dddc8257efd72daa9bfe5a9f6bc05089a29c5f0a12299.dll,#1
      2⤵
        PID:1080

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1080-54-0x0000000000000000-mapping.dmp
      Download
    • memory/1080-55-0x0000000075A71000-0x0000000075A73000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1080-56-0x0000000075290000-0x00000000752EE000-memory.dmp
      Filesize

      376KB

      Download
    • memory/1080-58-0x0000000075290000-0x00000000752EE000-memory.dmp
      Filesize

      376KB

      Download
    • memory/1080-57-0x0000000075230000-0x000000007528E000-memory.dmp
      Filesize

      376KB

      Download