46d082c3ec0f1e0ec77f756b3b22db8a83d289c0e0d818f63a73e032b5b0aa09

Analysis

max time kernel
68s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
04/12/2022, 00:39

Target

46d082c3ec0f1e0ec77f756b3b22db8a83d289c0e0d818f63a73e032b5b0aa09.dll
Size

4KB
MD5

9fc79c2a8c7b23730a769b77e5b98160
SHA1

989d6905e00385fb5680d25ebb59ddc130cb883f
SHA256

46d082c3ec0f1e0ec77f756b3b22db8a83d289c0e0d818f63a73e032b5b0aa09
SHA512

2848ee6d22c81af0d337c3ee2ff5cf04f33f9934027b7836862751af7f6fbe07074add740b6ab8200cb6faeaa4dd53d87cf701a36583e447fe7f90f5aa99d129
SSDEEP

48:a5zjMTGcITBVQVE1lcNHKz/jKYp6T9mRivWZOSLEi+VvqYhQJHfFZ6:iT3Qu8dKzeYpxCuxEXvqY+J/b6

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4988 wrote to memory of 2044	4988	rundll32.exe	81
PID 4988 wrote to memory of 2044	4988	rundll32.exe	81
PID 4988 wrote to memory of 2044	4988	rundll32.exe	81

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\46d082c3ec0f1e0ec77f756b3b22db8a83d289c0e0d818f63a73e032b5b0aa09.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4988
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\46d082c3ec0f1e0ec77f756b3b22db8a83d289c0e0d818f63a73e032b5b0aa09.dll,#1
  2⤵
  PID:2044