Analysis
-
max time kernel
19s -
max time network
34s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
04-12-2022 17:33
General
-
Target
c5672049d5dde081d1000ce4316e5f77f2db206e552b55b6effe175419ba2b69.dll
-
Size
79KB
-
MD5
fcb374582979236759e3b5b3883f9882
-
SHA1
1ed5600375d54473311469dc3a18131999986466
-
SHA256
c5672049d5dde081d1000ce4316e5f77f2db206e552b55b6effe175419ba2b69
-
SHA512
9c3cc33db2394996192f4c9d5983cd307dc61530997f3d34ca52e406c07a70fc666fbbe9212a9b4191df3e0b1adc7176acce51e9346dec32ad4d9a2b14152d89
-
SSDEEP
1536:ehXoJQsd31wnQGQ4zWEuPh1qarIg5UnYNnVUn7Zqj8ZcEVY/5rGcU2+6L:eaJQsBqnQGQXjUaUnYNnV9jO8UWL
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\c5672049d5dde081d1000ce4316e5f77f2db206e552b55b6effe175419ba2b69.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\c5672049d5dde081d1000ce4316e5f77f2db206e552b55b6effe175419ba2b69.dll,#12⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/344-54-0x0000000000000000-mapping.dmp
-
memory/344-55-0x0000000075FF1000-0x0000000075FF3000-memory.dmpFilesize
8KB
-
memory/344-56-0x0000000010000000-0x0000000010023000-memory.dmpFilesize
140KB
-
memory/344-57-0x0000000010000000-0x0000000010023000-memory.dmpFilesize
140KB
-
memory/344-58-0x00000000000F0000-0x00000000000F5000-memory.dmpFilesize
20KB