Analysis
-
max time kernel
266s -
max time network
326s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
01/12/2022, 21:09
General
-
Target
919f6ed85013b5b628f3f11ee03a975e6e275dc9cf89cb36719ef311581f3136.dll
-
Size
63KB
-
MD5
7345998b3157ee7bb6cb1064d00565a3
-
SHA1
0fd33aa733c3a0a1e6caabff8f668c46b2949bca
-
SHA256
919f6ed85013b5b628f3f11ee03a975e6e275dc9cf89cb36719ef311581f3136
-
SHA512
ff4b809a540188b2f82f80ea3c25b125651f3ba6e77fa9c956a43fa51a74580e50d6e77bbb666a425a48757d9b2f96992cfd63998a8890114b7ec4184cc3389c
-
SSDEEP
768:nHpI5EBmwLXHN6RRHHdB+BmHY97o014/89GH4X6Mgd90YQFO6ZXsSKhAUlxSoL0:nJIMlt6RRdOm214/hVh4KhHnZY
Score
8/10
Malware Config
Signatures
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Installs/modifies Browser Helper Object 2 TTPs 1 IoCs
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Modifies registry class 4 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\919f6ed85013b5b628f3f11ee03a975e6e275dc9cf89cb36719ef311581f3136.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\919f6ed85013b5b628f3f11ee03a975e6e275dc9cf89cb36719ef311581f3136.dll,#12⤵
- Installs/modifies Browser Helper Object
- Modifies registry class
-
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
172KB