93e15e4e7863b8b0841db7725746afa287057942958d45e484dd6037fbb704f9 | Triage

Analysis

max time kernel
201s
max time network
210s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
03-12-2022 10:53

Sharing

Report Analysis Logs

General

Target

93e15e4e7863b8b0841db7725746afa287057942958d45e484dd6037fbb704f9.dll
Size

4KB
MD5

1c0998bb976568c746b8ef1ba9c85f10
SHA1

efa1522e3affa594d2bafa6ad6512c743d839c4c
SHA256

93e15e4e7863b8b0841db7725746afa287057942958d45e484dd6037fbb704f9
SHA512

3a6d5c9d32555f7424352491e97bf69cb51977dc0ed9cb0912178ed6d68467b6c682888fc91de4bed9c995f1f1990ca1f9382bb678373346e66a951898611b3b

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2104 wrote to memory of 4768	2104	rundll32.exe	81
PID 2104 wrote to memory of 4768	2104	rundll32.exe	81
PID 2104 wrote to memory of 4768	2104	rundll32.exe	81

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\93e15e4e7863b8b0841db7725746afa287057942958d45e484dd6037fbb704f9.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2104
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\93e15e4e7863b8b0841db7725746afa287057942958d45e484dd6037fbb704f9.dll,#1
  2⤵
  PID:4768

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4768-132-0x0000000000000000-mapping.dmp

Download