Analysis
max time kernel: 188s
max time network: 195s
platform: windows10-2004_x64
resource: win10v2004-20221111-en
resource tags: arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
submitted: 03/12/2022, 21:40
Static task: static1

Behavioral task: behavioral1
Sample: 86d850b9d6ff0f54822a8d653d6d1b412a373b8fceccbe8d867f23e07f3339b6.dll
Resource: win7-20221111-en
1 signatures
150 seconds

Behavioral task: behavioral2
Sample: 86d850b9d6ff0f54822a8d653d6d1b412a373b8fceccbe8d867f23e07f3339b6.dll
Resource: win10v2004-20221111-en
1 signatures
150 seconds
General
Target: 86d850b9d6ff0f54822a8d653d6d1b412a373b8fceccbe8d867f23e07f3339b6.dll
Size: 3KB
MD5: 1a409e2c05b5b5aa79756b5037bf9470
SHA1: ed692248193a576afa2ad9c07abc6a1a8f7247aa
SHA256: 86d850b9d6ff0f54822a8d653d6d1b412a373b8fceccbe8d867f23e07f3339b6
SHA512: 30d204051c38eca89d363b05132ae0d33a8648fe1e9c1a87841676828e2f33751907e7a327a8b838ab7cb3eaf497fe73e2bb2a55087037f4684831423d63a7f9
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)

description | pid | Process | procid_target
PID 4268 wrote to memory of 1684 | 4268 | rundll32.exe | 83
PID 4268 wrote to memory of 1684 | 4268 | rundll32.exe | 83
PID 4268 wrote to memory of 1684 | 4268 | rundll32.exe | 83
Processes
C:\Windows\system32\rundll32.exe
  Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\86d850b9d6ff0f54822a8d653d6d1b412a373b8fceccbe8d867f23e07f3339b6.dll,#1
  Suspicious use of WriteProcessMemory
  PID: 4268
  C:\Windows\SysWOW64\rundll32.exe
    Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\86d850b9d6ff0f54822a8d653d6d1b412a373b8fceccbe8d867f23e07f3339b6.dll,#1
    PID: 1684