Overview

overview

1

Static

static

d3b5293e91...16.dll

windows7-x64

1

d3b5293e91...16.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29/11/2022, 05:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d3b5293e91feae79871a67fa0689db4735095dc0e425686b5ed0227c14835516.dll

  • Size

    5KB

  • MD5

    dd308b963d19ac0076e17ded7b349f60

  • SHA1

    403db7ad0e5b06bc6c70a9c4aab5e8ff0d0d7a2c

  • SHA256

    d3b5293e91feae79871a67fa0689db4735095dc0e425686b5ed0227c14835516

  • SHA512

    2857251714ef77f3b2657c59969e17500c78445931732ba4eab44d3430ed769e7c08cde83add6a562f0dd6ccbb6f250be57bbda3bd8982a352c557ef3fae01b1

  • SSDEEP

    48:Ss0vOiamaF9wJqkECrhWR00scqn6dvVmVAwYnUR4FCrF2/SY0D7cS4R:z0I9wZLrY0/mI4n640F2a7cSu

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\d3b5293e91feae79871a67fa0689db4735095dc0e425686b5ed0227c14835516.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4956
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\d3b5293e91feae79871a67fa0689db4735095dc0e425686b5ed0227c14835516.dll,#1
      2⤵
        PID:4880

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads