7f010adecc2d309724d3444015995c5b55ad7ce986b140ed2e4c74162eb03eac | Triage

Analysis

max time kernel
143s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
29/11/2022, 05:20

Sharing

Report Analysis Logs

General

Target

7f010adecc2d309724d3444015995c5b55ad7ce986b140ed2e4c74162eb03eac.dll
Size

3KB
MD5

05a372d77d35c8a84225200483eda3a0
SHA1

f7fe788be4ead2646147976291ea1f27129ec8b7
SHA256

7f010adecc2d309724d3444015995c5b55ad7ce986b140ed2e4c74162eb03eac
SHA512

a59fa9b33768893a26273ec23092caa0c3e9b6ddc666d319f5619da86eee2a9629a67cf5b0297bb5d2b56ca92c147931c311ab030ecf0831a85ffecdc346f178

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2796 wrote to memory of 3048	2796	rundll32.exe	82
PID 2796 wrote to memory of 3048	2796	rundll32.exe	82
PID 2796 wrote to memory of 3048	2796	rundll32.exe	82

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\7f010adecc2d309724d3444015995c5b55ad7ce986b140ed2e4c74162eb03eac.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2796
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\7f010adecc2d309724d3444015995c5b55ad7ce986b140ed2e4c74162eb03eac.dll,#1
  2⤵
  PID:3048

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads