Analysis
max time kernel: 37s
max time network: 45s
platform: windows7_x64
resource: win7-20220812-en
resource tags: arch:x64 arch:x86 image:win7-20220812-en locale:en-us os:windows7-x64 system
submitted: 02-12-2022 16:25
Static task
static1
Behavioral task
behavioral1
Sample
12099 Dec 01.lnk
Resource
win10-20220812-en
windows10-1703-x64
5 signatures
300 seconds
Behavioral task
behavioral2
Sample
12099 Dec 01.lnk
Resource
win7-20220812-en
windows7-x64
5 signatures
300 seconds
Behavioral task
behavioral3
Sample
161.dll
Resource
win10-20220901-en
windows10-1703-x64
1 signatures
300 seconds
Behavioral task
behavioral4
Sample
161.dll
Resource
win7-20220812-en
windows7-x64
1 signatures
300 seconds
General
Target: 161.dll
Size: 600KB
MD5: 7e0d3db8bc82120bb2e3fd6331e2316e
SHA1: 4be555dad631c9806ef12d450c14e2d68c24ea66
SHA256: 5774320ea6f7dfcf17b439739960f4bae5c852b8b30396934c75cf64a556312a
SHA512: ec0a62863a68b86f6c577c91bbb1793d3dd9d5bae1531077e5e4b3a72c2d948b4dc9f92242132e29c98bf19858ca886806891dffd1294b5a8e32e760bd046df8
SSDEEP: 12288:QSUUEfo5I6/o2qgkpUdi9Msme0CWUdOWk4F:QSTiWDvL6Rme0C0Wk4
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 7 IoCs
Processes: rundll32.exe
description | pid | process | target process
PID 2020 wrote to memory of 1472 | 2020 | rundll32.exe | rundll32.exe
PID 2020 wrote to memory of 1472 | 2020 | rundll32.exe | rundll32.exe
PID 2020 wrote to memory of 1472 | 2020 | rundll32.exe | rundll32.exe
PID 2020 wrote to memory of 1472 | 2020 | rundll32.exe | rundll32.exe
PID 2020 wrote to memory of 1472 | 2020 | rundll32.exe | rundll32.exe
PID 2020 wrote to memory of 1472 | 2020 | rundll32.exe | rundll32.exe
PID 2020 wrote to memory of 1472 | 2020 | rundll32.exe | rundll32.exe