Analysis

  • max time kernel
    20s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    02-12-2022 02:19

General

  • Target

    1099.dll

  • Size

    600KB

  • MD5

    7270877051f4ce89a7067c6bb2f9268b

  • SHA1

    a12170aea707e2185692c429e2972b819acc9cc3

  • SHA256

    ad2ca74575501e503a5ca929529d3e2d19c94d464657203891dd80e1a20365bb

  • SHA512

    c25bcf7d513230ab6192649b379723bd82f794f7bf703ed1f2d18acb53795a2673859d11eb8ba6cd80696e2e85d3ecb9988b07496fbb10d1ef951bc21952eecb

  • SSDEEP

    12288:QSUUEfo5I6/o2qgkpUd99Msme0CWUdOWk4F:QSTiWDvLBRme0C0Wk4

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\1099.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1876
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\1099.dll,#1
      2⤵
        PID:1664

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1664-54-0x0000000000000000-mapping.dmp
    • memory/1664-55-0x00000000752B1000-0x00000000752B3000-memory.dmp
      Filesize

      8KB