Overview

overview

3

Static

static

cc4c3e00e4...56.dll

windows7-x64

1

cc4c3e00e4...56.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    37s
  • max time network
    41s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    05/12/2022, 05:40

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    cc4c3e00e44f870f8d8e717efb23837e28078686e00c6baa651522d83a8fc656.dll

  • Size

    826KB

  • MD5

    9464cda69e8b25efedd48f5925b1b5af

  • SHA1

    23035a0ee658823e92a4bec1f3fc0310701a3485

  • SHA256

    cc4c3e00e44f870f8d8e717efb23837e28078686e00c6baa651522d83a8fc656

  • SHA512

    fee3a54cfa568fe69c132371a1054dad71b83a8ba37a7e77b74e588230994ca232ecc5c0a28b788df84b7cabc9d3b237a870677d751384e2925e09e167bd3043

  • SSDEEP

    24576:UJ/EdcdRg6clNpClRLTFNR7PDoRSBdV99z:UJ/Ed6pvFdv9z

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\cc4c3e00e44f870f8d8e717efb23837e28078686e00c6baa651522d83a8fc656.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1672
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\cc4c3e00e44f870f8d8e717efb23837e28078686e00c6baa651522d83a8fc656.dll,#1
      2⤵
        PID:1644

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/1644-55-0x0000000075BD1000-0x0000000075BD3000-memory.dmp

            Filesize

            8KB

            Download

          • memory/1644-56-0x00000000006B0000-0x00000000007AA000-memory.dmp

            Filesize

            1000KB

            Download