Analysis
max time kernel: 53s
max time network: 33s
platform: windows7_x64
resource: win7-20221111-en
resource tags: arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
submitted: 25-11-2022 03:02
Static task
static1
Behavioral task
behavioral1
Sample
ooiwy.dll
Resource
win7-20221111-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
ooiwy.dll
Resource
win10v2004-20221111-en
windows10-2004-x64
1 signatures
150 seconds
General
Target: ooiwy.dll
Size: 316KB
MD5: 4e4ae70b6346eae111e31716dc76bc23
SHA1: 1e7b9af799048e4112d2468323c5c147e20558f9
SHA256: f25a780095730701efac67e9d5b84bc289afea56d96d8aff8a44af69ae606404
SHA512: c6fe39e0d40ef150017d85719d4b4096244e58bd2384e420370302229d816e212658151fcf22bb847f3c16b4da2402a3f8dfc465dba563c5b0572e710018750e
SSDEEP: 6144:v39GX5QjsakVCm+3OgNA0VEXf/DQEuOGAG:v65Qu/+egA0VutG
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe

description | pid | process | target process
PID 960 wrote to memory of 1596 | 960 | rundll32.exe | rundll32.exe
PID 960 wrote to memory of 1596 | 960 | rundll32.exe | rundll32.exe
PID 960 wrote to memory of 1596 | 960 | rundll32.exe | rundll32.exe
PID 960 wrote to memory of 1596 | 960 | rundll32.exe | rundll32.exe
PID 960 wrote to memory of 1596 | 960 | rundll32.exe | rundll32.exe
PID 960 wrote to memory of 1596 | 960 | rundll32.exe | rundll32.exe
PID 960 wrote to memory of 1596 | 960 | rundll32.exe | rundll32.exe