d62d5d244133c6866babc16adc1cb55964f97b26220a0b0b0754a53e9cdf2cd2

Analysis

max time kernel
148s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
03/12/2022, 22:16

Target

d62d5d244133c6866babc16adc1cb55964f97b26220a0b0b0754a53e9cdf2cd2.dll
Size

6KB
MD5

e0a22de5bf418cb3027f87830a2074b0
SHA1

352be0f942b2361b49414a119d7914b486b9eef1
SHA256

d62d5d244133c6866babc16adc1cb55964f97b26220a0b0b0754a53e9cdf2cd2
SHA512

28fcc99e55ac5101e46ed3a518989fd48a78e13a7a9c8b6838000b33d3602ddbf59cb7af519cabe390b38bf1292451229eceb01fe2ccf13d1f15ceb21e934242
SSDEEP

96:z0QR9B6BvAwbIJS6xCw5zo6snaEto+gd2WoO8:JR94/bUbzsn/jt

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4648 wrote to memory of 4584	4648	rundll32.exe	83
PID 4648 wrote to memory of 4584	4648	rundll32.exe	83
PID 4648 wrote to memory of 4584	4648	rundll32.exe	83

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\d62d5d244133c6866babc16adc1cb55964f97b26220a0b0b0754a53e9cdf2cd2.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4648
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\d62d5d244133c6866babc16adc1cb55964f97b26220a0b0b0754a53e9cdf2cd2.dll,#1
  2⤵
  PID:4584