Overview

overview

1

Static

static

e0097561c9...3b.dll

windows7-x64

1

e0097561c9...3b.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    177s
  • max time network
    223s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-12-2022 19:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e0097561c909d49ff64b899ef4ce2e56efa3fd740dfe8c0650be6c9e3685273b.dll

  • Size

    128KB

  • MD5

    521ba6645e5feb124bf558037b02f805

  • SHA1

    551be1ed74685da2aa9c15f7433aa62345ca5e91

  • SHA256

    e0097561c909d49ff64b899ef4ce2e56efa3fd740dfe8c0650be6c9e3685273b

  • SHA512

    ef913e4d6903eab17311e5ec2f52c7952b936f9d5819fd09c48236cab43624ddb4e854974abb36ddd5f16123b0111dc2c5dfb833f5eb4aa79a6edb61204c9166

  • SSDEEP

    1536:KR2+boyBv1eyFC4cY3tcNKafgixNpdJvVy5xWtF92Re8NxP4al5cbfKjWmEP:K8lyBv1e6dmhHmxP4alAfgE

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\e0097561c909d49ff64b899ef4ce2e56efa3fd740dfe8c0650be6c9e3685273b.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3076
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\e0097561c909d49ff64b899ef4ce2e56efa3fd740dfe8c0650be6c9e3685273b.dll,#1
      2⤵
        PID:4776

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4776-132-0x0000000000000000-mapping.dmp

      Download