cc2d19281636bc10260cefa356846b429049d98582e9787f9c31c07d17b4d0f2

Analysis

max time kernel
150s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
03-12-2022 04:48

Target

cc2d19281636bc10260cefa356846b429049d98582e9787f9c31c07d17b4d0f2.dll
Size

64KB
MD5

3d4885bf2ca8bf290e9458f1c8f121e9
SHA1

79d5f200a9ad7989a50aa26d357bfe8b742419e8
SHA256

cc2d19281636bc10260cefa356846b429049d98582e9787f9c31c07d17b4d0f2
SHA512

8730317c4de4d5ad6d0222110dafa95134232e147c7b25fc07f0c9c9452de9059d5c4ea302a15827c854099751d18dbfcb740bf14903563bfad9a5751bf7a8cf
SSDEEP

1536:9CYS7FefAORqYVJeBe6MTDSM2oABULz7Mpq5p/OcRJXDho:UKAzsJeByUUL0AXto

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3444 wrote to memory of 744	3444	rundll32.exe	81
PID 3444 wrote to memory of 744	3444	rundll32.exe	81
PID 3444 wrote to memory of 744	3444	rundll32.exe	81

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\cc2d19281636bc10260cefa356846b429049d98582e9787f9c31c07d17b4d0f2.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3444
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\cc2d19281636bc10260cefa356846b429049d98582e9787f9c31c07d17b4d0f2.dll,#1
  2⤵
  PID:744