92c22822fad23900e225f7a90c0206069365f321635d0561682c421f73419dd8

Analysis

max time kernel
171s
max time network
191s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
03-12-2022 03:05

Target

92c22822fad23900e225f7a90c0206069365f321635d0561682c421f73419dd8.dll
Size

91KB
MD5

c6e69816c045e44b4bed951f4f6878a0
SHA1

12957548ab217e047205fda8a0eb97e0ea2a0a8f
SHA256

92c22822fad23900e225f7a90c0206069365f321635d0561682c421f73419dd8
SHA512

d06304c0b5bb46beb3e004283c500020a9b103198900d26e597fa206f89b1160648ca4b208b873c18e4b07e600d84171152ec58fcf8346392d205c32052bb102
SSDEEP

1536:376tUtJXi1awacYgJOr20X80u3IGmJa6Kacsk/Va8284+hWvxce1zGNYpMCPWwrv:37XtlLcYgJOak808mJa6KaO/VP6+hmxZ

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2244 wrote to memory of 3724	2244	rundll32.exe	80
PID 2244 wrote to memory of 3724	2244	rundll32.exe	80
PID 2244 wrote to memory of 3724	2244	rundll32.exe	80

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\92c22822fad23900e225f7a90c0206069365f321635d0561682c421f73419dd8.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2244
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\92c22822fad23900e225f7a90c0206069365f321635d0561682c421f73419dd8.dll,#1
  2⤵
  PID:3724