185e8933bcf6ed7dd7932e48c98a433096723f78184b97c2dbe0a8a7d086a45c

Analysis

max time kernel
44s
max time network
49s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
01/12/2022, 15:33

Target

185e8933bcf6ed7dd7932e48c98a433096723f78184b97c2dbe0a8a7d086a45c.dll
Size

26KB
MD5

6387a78b7714abd5e1b5f55cf4da2f40
SHA1

2783163d35684dd37cea3b47a31038612f0427b4
SHA256

185e8933bcf6ed7dd7932e48c98a433096723f78184b97c2dbe0a8a7d086a45c
SHA512

b4e8136023c7fcf628c58cb514597d8ca510084296bb5cc3450cd3a3a853a4114ab556e0bee57a0e75cf71d858d3fec83edc219c9cee49c006f9fed927d50c98
SSDEEP

768:tn9opvGMutW+7Qta+dK+5DUod7COE9tzf/7:tngeW+ctaSK+5wtOkb7

Score

8^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/1928-57-0x0000000074EA0000-0x0000000074EB5000-memory.dmp	upx

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 1048 wrote to memory of 1928	1048	rundll32.exe	27
PID 1048 wrote to memory of 1928	1048	rundll32.exe	27
PID 1048 wrote to memory of 1928	1048	rundll32.exe	27
PID 1048 wrote to memory of 1928	1048	rundll32.exe	27
PID 1048 wrote to memory of 1928	1048	rundll32.exe	27
PID 1048 wrote to memory of 1928	1048	rundll32.exe	27
PID 1048 wrote to memory of 1928	1048	rundll32.exe	27

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\185e8933bcf6ed7dd7932e48c98a433096723f78184b97c2dbe0a8a7d086a45c.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1048
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\185e8933bcf6ed7dd7932e48c98a433096723f78184b97c2dbe0a8a7d086a45c.dll,#1
  2⤵
  PID:1928

memory/1928-55-0x00000000759F1000-0x00000000759F3000-memory.dmp

Filesize
8KB

Download
memory/1928-56-0x0000000074EC0000-0x0000000074ED3000-memory.dmp

Filesize
76KB

Download
memory/1928-57-0x0000000074EA0000-0x0000000074EB5000-memory.dmp

Filesize
84KB

Download