Analysis
max time kernel: 165s
max time network: 193s
platform: windows10-2004_x64
resource: win10v2004-20221111-en
resource tags: arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
submitted: 04-12-2022 00:41
Behavioral task: behavioral1
Sample: 31abb8975350e73fd9405d05a5e529d66855fdcb3f5bbc327e5fd54b7855b919.dll
Resource: win7-20220812-en, windows7-x64
1 signatures, 150 seconds
Behavioral task: behavioral2
Sample: 31abb8975350e73fd9405d05a5e529d66855fdcb3f5bbc327e5fd54b7855b919.dll
Resource: win10v2004-20221111-en, windows10-2004-x64
1 signatures, 150 seconds
General
Target: 31abb8975350e73fd9405d05a5e529d66855fdcb3f5bbc327e5fd54b7855b919.dll
Size: 55KB
MD5: 82bcb07de540cd6f4a4606bd020f6df0
SHA1: d8d50cd0ca8f39392acbbaa678c2d55715f321e6
SHA256: 31abb8975350e73fd9405d05a5e529d66855fdcb3f5bbc327e5fd54b7855b919
SHA512: 196e065a79b50b17854ed8dba5b2015a6302b7e40029d46b430922a4555554e2e0d914a52b9b84fb610fa5b84aa9abd81bdd7e6bbfa71c2b43edc5f787bbd0e8
SSDEEP: 1536:Mq/JmJSPdI0WJZo2p5SLaqkZk1UMkE5LOJ:z/JmJSPdtWLiLawGE0J
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 5016 wrote to memory of 3408 | 5016 | rundll32.exe | 81
PID 5016 wrote to memory of 3408 | 5016 | rundll32.exe | 81
PID 5016 wrote to memory of 3408 | 5016 | rundll32.exe | 81
Processes
C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\31abb8975350e73fd9405d05a5e529d66855fdcb3f5bbc327e5fd54b7855b919.dll,#1
  - Suspicious use of WriteProcessMemory
  PID: 5016
  C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\31abb8975350e73fd9405d05a5e529d66855fdcb3f5bbc327e5fd54b7855b919.dll,#1
    PID: 3408