Analysis
max time kernel: 96s
max time network: 144s
platform: windows10-2004_x64
resource: win10v2004-20220812-en
resource tags: arch:x64 arch:x86 image:win10v2004-20220812-en locale:en-us os:windows10-2004-x64 system
submitted: 29-11-2022 05:50
Static task
static1
Behavioral task
behavioral1
Sample
3dc71b9bbbab76e7f411b7e704a8a2774804a9229f8bcb14635bdc140d7e5f5f.dll
Resource
win7-20220812-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
3dc71b9bbbab76e7f411b7e704a8a2774804a9229f8bcb14635bdc140d7e5f5f.dll
Resource
win10v2004-20220812-en
windows10-2004-x64
1 signatures
150 seconds
General
Target: 3dc71b9bbbab76e7f411b7e704a8a2774804a9229f8bcb14635bdc140d7e5f5f.dll
Size: 4KB
MD5: 1a7d1c71cf9598a8b7d23589b75165b0
SHA1: 18d3c6e49cf7c4b10f84e9f9ba8697ad13793d95
SHA256: 3dc71b9bbbab76e7f411b7e704a8a2774804a9229f8bcb14635bdc140d7e5f5f
SHA512: 9823cf401c05715f1312fc2e7e751033ae447d9a6dafe0c3a91b77c0c9d993dc364edc6a6f05f4b5b1592d3b5ecff90bfa010ad5cacd2b643ee8e5681a551fab
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
description                        pid    Process        procid_target
PID 1352 wrote to memory of 404    1352   rundll32.exe   79
PID 1352 wrote to memory of 404    1352   rundll32.exe   79
PID 1352 wrote to memory of 404    1352   rundll32.exe   79
Processes
C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\3dc71b9bbbab76e7f411b7e704a8a2774804a9229f8bcb14635bdc140d7e5f5f.dll,#11
  Suspicious use of WriteProcessMemory
  PID:1352
C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\3dc71b9bbbab76e7f411b7e704a8a2774804a9229f8bcb14635bdc140d7e5f5f.dll,#12
  PID:404