Overview

overview

1

Static

static

3721ef34bc...46.dll

windows7-x64

1

3721ef34bc...46.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    183s
  • max time network
    196s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-11-2022 05:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3721ef34bc5084db38cc648b5f7522655d07411d0b444ecc9b2b508da875aa46.dll

  • Size

    4KB

  • MD5

    cbbb3a79c3b6f832e4b6b06190866ba0

  • SHA1

    92c9cdd69d98fab7be19c61c2f6d68c1cbb3c759

  • SHA256

    3721ef34bc5084db38cc648b5f7522655d07411d0b444ecc9b2b508da875aa46

  • SHA512

    3bfd3a0243b4086c964b0dc8f5375af2f8c338b8473fc479766ada98f9d1e8f754f9653b64c59550569968e5df040e7ac5a7a8755c6ec9bf0b62d72796c763ff

  • SSDEEP

    48:a5zjMTGcITBVQVE1lc87qd3MFZxZMv8sVcX0HGdJpuUY:iT3Qu8Wqd34MvlcLxZY

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\3721ef34bc5084db38cc648b5f7522655d07411d0b444ecc9b2b508da875aa46.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1528
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\3721ef34bc5084db38cc648b5f7522655d07411d0b444ecc9b2b508da875aa46.dll,#1
      2⤵
        PID:220

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/220-132-0x0000000000000000-mapping.dmp

      Download