bfad94e5806f5def18da5eb8e14882e1f7dc7f1faebd50243d82cb83a361fe70 | Triage

Analysis

max time kernel
77s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
03/12/2022, 10:51

Sharing

Report Analysis Logs

General

Target

bfad94e5806f5def18da5eb8e14882e1f7dc7f1faebd50243d82cb83a361fe70.dll
Size

4KB
MD5

b555b514b7927fadfaa827a1da4d9420
SHA1

71549466258a4d75549e6c84fb327b900b2e6f2d
SHA256

bfad94e5806f5def18da5eb8e14882e1f7dc7f1faebd50243d82cb83a361fe70
SHA512

c6050ed97b8ef2a3f01d97dee1833b09d81bea9ad84ff7c5cb896f13bbf1fa358690f017b87a9e633457e245fea230aa15c707a744ada167e84c61bf496243b7

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3724 wrote to memory of 3340	3724	rundll32.exe	60
PID 3724 wrote to memory of 3340	3724	rundll32.exe	60
PID 3724 wrote to memory of 3340	3724	rundll32.exe	60

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\bfad94e5806f5def18da5eb8e14882e1f7dc7f1faebd50243d82cb83a361fe70.dll,#1
1⤵
PID:3340

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\bfad94e5806f5def18da5eb8e14882e1f7dc7f1faebd50243d82cb83a361fe70.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3724

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads