Analysis

  • max time kernel
    165s
  • max time network
    193s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20221111-en locale:en-us os:windows10-2004-x64 system
  • submitted
    04-12-2022 00:41

General

  • Target

    31abb8975350e73fd9405d05a5e529d66855fdcb3f5bbc327e5fd54b7855b919.dll

  • Size

    55KB

  • MD5

    82bcb07de540cd6f4a4606bd020f6df0

  • SHA1

    d8d50cd0ca8f39392acbbaa678c2d55715f321e6

  • SHA256

    31abb8975350e73fd9405d05a5e529d66855fdcb3f5bbc327e5fd54b7855b919

  • SHA512

    196e065a79b50b17854ed8dba5b2015a6302b7e40029d46b430922a4555554e2e0d914a52b9b84fb610fa5b84aa9abd81bdd7e6bbfa71c2b43edc5f787bbd0e8

  • SSDEEP

    1536:Mq/JmJSPdI0WJZo2p5SLaqkZk1UMkE5LOJ:z/JmJSPdtWLiLawGE0J

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\31abb8975350e73fd9405d05a5e529d66855fdcb3f5bbc327e5fd54b7855b919.dll,#1
    • Suspicious use of WriteProcessMemory
    PID:5016
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\31abb8975350e73fd9405d05a5e529d66855fdcb3f5bbc327e5fd54b7855b919.dll,#1
        PID:3408

Network

MITRE ATT&CK Matrix

Downloads

  • memory/3408-132-0x0000000000000000-mapping.dmp