Analysis
max time kernel: 187s
max time network: 206s
platform: windows10-2004_x64
resource: win10v2004-20221111-en
resource tags: arch:x64 arch:x86 image:win10v2004-20221111-en locale:en-us os:windows10-2004-x64 system
submitted: 01/12/2022, 21:00
Static task: static1
Behavioral task: behavioral1
Sample: 942367a5c7d55f9b5f156b83a0933211b67944208be7103cb556c774e7afb64c.dll
Resource: win7-20221111-en
1 signatures
150 seconds
Behavioral task: behavioral2
Sample: 942367a5c7d55f9b5f156b83a0933211b67944208be7103cb556c774e7afb64c.dll
Resource: win10v2004-20221111-en
1 signatures
150 seconds
General
Target: 942367a5c7d55f9b5f156b83a0933211b67944208be7103cb556c774e7afb64c.dll
Size: 1.7MB
MD5: 69c143b1afce1bb03e99645736d6ca4c
SHA1: e54c58c096b7262803e818668c6c51eb30adad1f
SHA256: 942367a5c7d55f9b5f156b83a0933211b67944208be7103cb556c774e7afb64c
SHA512: bf85d202b9146ea9e602589dfbc60e101ad4a18a1320def87cd93f3e6026758a13aae7b14c7f9f87c8eef013b4ca349346384ad3bea129567d92afc56ca9de35
SSDEEP: 49152:HsbMCG4Zoj00+tYCRAjyEYmnpd35Ck7+f:6MCGEhYXWED5r7s
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 3 IoCs
description | pid | Process | procid_target
PID 4668 wrote to memory of 2612 | 4668 | rundll32.exe | 81
PID 4668 wrote to memory of 2612 | 4668 | rundll32.exe | 81
PID 4668 wrote to memory of 2612 | 4668 | rundll32.exe | 81
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\942367a5c7d55f9b5f156b83a0933211b67944208be7103cb556c774e7afb64c.dll,#11⤵
Suspicious use of WriteProcessMemory
PID:4668
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\942367a5c7d55f9b5f156b83a0933211b67944208be7103cb556c774e7afb64c.dll,#12⤵
PID:2612