Analysis
-
max time kernel
52s -
max time network
183s -
platform
windows10-1703_x64 -
resource
win10-20220901-en -
resource tags
arch:x64 arch:x86 image:win10-20220901-en locale:en-us os:windows10-1703-x64 system -
submitted
02-12-2022 16:25
Static task
static1
Behavioral task
behavioral1
Sample
12099 Dec 01.lnk
Resource
win10-20220812-en
Behavioral task
behavioral2
Sample
12099 Dec 01.lnk
Resource
win7-20220812-en
Behavioral task
behavioral3
Sample
161.dll
Resource
win10-20220901-en
Behavioral task
behavioral4
Sample
161.dll
Resource
win7-20220812-en
General
-
Target
161.dll
-
Size
600KB
-
MD5
7e0d3db8bc82120bb2e3fd6331e2316e
-
SHA1
4be555dad631c9806ef12d450c14e2d68c24ea66
-
SHA256
5774320ea6f7dfcf17b439739960f4bae5c852b8b30396934c75cf64a556312a
-
SHA512
ec0a62863a68b86f6c577c91bbb1793d3dd9d5bae1531077e5e4b3a72c2d948b4dc9f92242132e29c98bf19858ca886806891dffd1294b5a8e32e760bd046df8
-
SSDEEP
12288:QSUUEfo5I6/o2qgkpUdi9Msme0CWUdOWk4F:QSTiWDvL6Rme0C0Wk4
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 2764 wrote to memory of 356 | 2764 | rundll32.exe | rundll32.exe
PID 2764 wrote to memory of 356 | 2764 | rundll32.exe | rundll32.exe
PID 2764 wrote to memory of 356 | 2764 | rundll32.exe | rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads