Analysis
- max time kernel: 203s
- max time network: 209s
- platform: windows10-2004_x64
- resource: win10v2004-20221111-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 03-12-2022 23:20
Static task
static1
Behavioral task
behavioral1
Sample
1416ddc33012bc3f78a3e4cd57257058d47165f74e9360659f0c1e0ff17063b1.dll
Resource
win7-20220812-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
1416ddc33012bc3f78a3e4cd57257058d47165f74e9360659f0c1e0ff17063b1.dll
Resource
win10v2004-20221111-en
windows10-2004-x64
1 signatures
150 seconds
General
- Target: 1416ddc33012bc3f78a3e4cd57257058d47165f74e9360659f0c1e0ff17063b1.dll
- Size: 5KB
- MD5: eb990d75182bbd843f9ba083f3678610
- SHA1: da14705235d1503e7eade7d9c63da7b5c2469537
- SHA256: 1416ddc33012bc3f78a3e4cd57257058d47165f74e9360659f0c1e0ff17063b1
- SHA512: 1083790c081935645e2b0206664c076c45bafab6f036147237967da2a10417c345c25f484bce043f447d577ebc9648d87ce25939bee268ab7a40bbbc506c3a43
- SSDEEP: 96:XprYDpKnI6wJ+Ls7guyHejyn/I9l0iairWf:XUcA+ggd+W/If0iVg
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)

| description | pid | Process | procid_target |
| --- | --- | --- | --- |
| PID 1776 wrote to memory of 1624 | 1776 | rundll32.exe | 83 |
| PID 1776 wrote to memory of 1624 | 1776 | rundll32.exe | 83 |
| PID 1776 wrote to memory of 1624 | 1776 | rundll32.exe | 83 |
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\1416ddc33012bc3f78a3e4cd57257058d47165f74e9360659f0c1e0ff17063b1.dll,#1
  - Suspicious use of WriteProcessMemory
  - PID: 1776
  - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\1416ddc33012bc3f78a3e4cd57257058d47165f74e9360659f0c1e0ff17063b1.dll,#1
    - PID: 1624