3a7732ace756fbb70d75151b1c4c20f6925881736afce878618dd8bd1e362621 | Triage

Analysis

max time kernel
196s
max time network
209s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
02/12/2022, 21:50

Sharing

Report Analysis Logs

General

Target

3a7732ace756fbb70d75151b1c4c20f6925881736afce878618dd8bd1e362621.dll
Size

3KB
MD5

2f30bfee1ae8ddbb095da2d14dd83e20
SHA1

cecdb42d736de500ba6dcc8dd79b82a72508d7e1
SHA256

3a7732ace756fbb70d75151b1c4c20f6925881736afce878618dd8bd1e362621
SHA512

8c720b971dab517bc2575c97d289a3ad5e29b8489df39539c98ce561d145bc068cb6cc9878a462a2557f45d43eb29d01313dc933d8a7c37acdf5d3502021437b

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 220 wrote to memory of 100	220	rundll32.exe	82
PID 220 wrote to memory of 100	220	rundll32.exe	82
PID 220 wrote to memory of 100	220	rundll32.exe	82

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\3a7732ace756fbb70d75151b1c4c20f6925881736afce878618dd8bd1e362621.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:220
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\3a7732ace756fbb70d75151b1c4c20f6925881736afce878618dd8bd1e362621.dll,#1
  2⤵
  PID:100

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads