22d2a2d79bd0c46450130807297f7ee61e40f45a4107b8d3aa396298c1031f55

Analysis

max time kernel
91s
max time network
128s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
03-12-2022 11:24

Target

22d2a2d79bd0c46450130807297f7ee61e40f45a4107b8d3aa396298c1031f55.dll
Size

120KB
MD5

821865c9445b567cad61c69b60a7767b
SHA1

7020ea71f839890f506efded4d7f9c129ff255fe
SHA256

22d2a2d79bd0c46450130807297f7ee61e40f45a4107b8d3aa396298c1031f55
SHA512

e2967fd67550d7b888de56507ea6aa236848b7ffe64bd0288d15fdeab27f65e6ee73319bda2286ba42342abe737ffea54e5f0035cb53c4881570fcc5f41b533d
SSDEEP

3072:92keQ3ilA7DtSqbGncIV2iME81rXjmUcHzg3GGC:cAfMq0ZMEKuUcHzK

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2804 wrote to memory of 648	2804	rundll32.exe	82
PID 2804 wrote to memory of 648	2804	rundll32.exe	82
PID 2804 wrote to memory of 648	2804	rundll32.exe	82

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\22d2a2d79bd0c46450130807297f7ee61e40f45a4107b8d3aa396298c1031f55.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2804
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\22d2a2d79bd0c46450130807297f7ee61e40f45a4107b8d3aa396298c1031f55.dll,#1
  2⤵
  PID:648