Overview

overview

1

Static

static

cbe245d0ee...73.dll

windows7-x64

1

cbe245d0ee...73.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    235s
  • max time network
    287s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-12-2022 23:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cbe245d0ee7e52c2f2cca1a3f7559fdd01ca9a2dda2d1e74712984cb80252c73.dll

  • Size

    4KB

  • MD5

    f20d357e7c0eb658bd4151bb65beac70

  • SHA1

    c3847ea456ed2b060cbce6437098922e6b84c2db

  • SHA256

    cbe245d0ee7e52c2f2cca1a3f7559fdd01ca9a2dda2d1e74712984cb80252c73

  • SHA512

    88be64e0507d1caccc7c44a04680471d09f8f0ecaaafd278a2340e4332509fd36177a52f6f851addc6ef881fe22534e23f845dd93c7f69201944796a0916cd74

  • SSDEEP

    48:qHupGeMcCB96DrhWHR0FiIsipZlM+u+eAPMDQHpyuLv6omDUBo:PMXB0rw0MI/pwbd7Uq

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbe245d0ee7e52c2f2cca1a3f7559fdd01ca9a2dda2d1e74712984cb80252c73.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4812
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbe245d0ee7e52c2f2cca1a3f7559fdd01ca9a2dda2d1e74712984cb80252c73.dll,#1
      2⤵
        PID:3220

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads