93e9547fe175b476b9916b351f5133faf76fa102d8b02deaeed17fb922564cb1

Analysis

max time kernel
84s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
02-12-2022 02:09

Target

93e9547fe175b476b9916b351f5133faf76fa102d8b02deaeed17fb922564cb1.dll
Size

5KB
MD5

796e3f26c25aec6e65ee0b20d5fb1d10
SHA1

910527025f6425667a973a2fa260c0ed25980393
SHA256

93e9547fe175b476b9916b351f5133faf76fa102d8b02deaeed17fb922564cb1
SHA512

5de177f2713cca208e86aafc9c1e3af327038186ba6c571c1ee8946547b0326146b566530739a1b6984da3d1fc201d8bf46e9ef5a336acd137a241e8d227fc18
SSDEEP

96:XprYDpKnI6wJ+Ls7guyHejyn/I9l0iaiUbPtY:XUcA+ggd+W/If0iOy

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3496 wrote to memory of 1656	3496	rundll32.exe	81
PID 3496 wrote to memory of 1656	3496	rundll32.exe	81
PID 3496 wrote to memory of 1656	3496	rundll32.exe	81

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\93e9547fe175b476b9916b351f5133faf76fa102d8b02deaeed17fb922564cb1.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3496
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\93e9547fe175b476b9916b351f5133faf76fa102d8b02deaeed17fb922564cb1.dll,#1
  2⤵
  PID:1656