Analysis
max time kernel: 39s
max time network: 45s
platform: windows7_x64
resource: win7-20220812-en
resource tags: arch:x64 arch:x86 image:win7-20220812-en locale:en-us os:windows7-x64 system
submitted: 28-11-2022 03:46
Static task
static1
Behavioral task
behavioral1
Sample
ComprovanteTed.dll
Resource
win7-20220812-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
ComprovanteTed.dll
Resource
win10v2004-20220901-en
windows10-2004-x64
1 signatures
150 seconds
General
Target: ComprovanteTed.dll
Size: 260KB
MD5: b26fdd7f72c294ca34b21d5798a1c29b
SHA1: 4d25e19fe51aa1e18a8939aee54bcf3c5249a46c
SHA256: e771ae6851989d1512426fa0ffbfa9db96b9c84e2715fdb0e88250a6582d1ffa
SHA512: 47ea3f9a1f4c4c0edcccc8436b8cbcf7a5233abc86d9a49949b79633c3cfe616ed9cbe18fb160b149a35ed87a6671c67abdf66dbe0e71010d43bf9bfc8aca72d
SSDEEP: 6144:M4MiBfqRBwXKxEaZiOhubKN8zQfPO2JC:jMiBfqRB/r8OsuNBO2J
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 7 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 1588 wrote to memory of 1652 | 1588 | rundll32.exe | rundll32.exe
PID 1588 wrote to memory of 1652 | 1588 | rundll32.exe | rundll32.exe
PID 1588 wrote to memory of 1652 | 1588 | rundll32.exe | rundll32.exe
PID 1588 wrote to memory of 1652 | 1588 | rundll32.exe | rundll32.exe
PID 1588 wrote to memory of 1652 | 1588 | rundll32.exe | rundll32.exe
PID 1588 wrote to memory of 1652 | 1588 | rundll32.exe | rundll32.exe
PID 1588 wrote to memory of 1652 | 1588 | rundll32.exe | rundll32.exe