Analysis
-
max time kernel
40s -
max time network
51s -
platform
windows7_x64 -
resource
win7-20220901-en -
resource tags
-
submitted
29/11/2022, 12:48
General
-
Target
42c80fbe7c8d3cc435f5bf61bd889e4ef093b7bc04052fcc4f00422da5624696.dll
-
Size
1.1MB
-
MD5
b77353843624d5dfa70a071d25b8093b
-
SHA1
d112b5efefc14789af150554e08db1282bf97615
-
SHA256
42c80fbe7c8d3cc435f5bf61bd889e4ef093b7bc04052fcc4f00422da5624696
-
SHA512
f0475bbf082018b6d4e92740f3d846147ddbd16678175f89e366fc005e7c1d85aa4053bd7fce081134d51183147b60caece485caf340a8b6d2645a0d959d3d66
-
SSDEEP
24576:LYqXy239YT3FqXZ5LsEhxngZSOk2xGGJuMJ2qFQyFLq//+YE:UrNFqdD5xzJqnM+
Score
5/10
Malware Config
Signatures
-
Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\42c80fbe7c8d3cc435f5bf61bd889e4ef093b7bc04052fcc4f00422da5624696.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\42c80fbe7c8d3cc435f5bf61bd889e4ef093b7bc04052fcc4f00422da5624696.dll,#12⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB
-
Filesize
5.0MB
-
Filesize
5.0MB
-
Filesize
5.0MB