521b5414a33ad47cf942ee9553b4ccdac9fe39ba0da869a25767fafdcbeb982e

Analysis

max time kernel
150s
max time network
175s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
06/12/2022, 01:31

Target

521b5414a33ad47cf942ee9553b4ccdac9fe39ba0da869a25767fafdcbeb982e.dll
Size

7KB
MD5

75175d780318b97731d39ee7d943e9a0
SHA1

afb05b0f917d2abe13fa1016e7e628759d299571
SHA256

521b5414a33ad47cf942ee9553b4ccdac9fe39ba0da869a25767fafdcbeb982e
SHA512

22950e018d7f2919b773bdd34467cdde53e216445fc1c1cd843d566a19bdab49f34cddf0c7503fecb311eacea32d6a007b4e5a2a354abf99cf710e64c28dc7f2
SSDEEP

96:z0/gPtJrYmVjGwd+8blPDDDDDDDDEZSB61Gq+6BQ4:FTiS+siZL1L+6B

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4632 wrote to memory of 344	4632	rundll32.exe	83
PID 4632 wrote to memory of 344	4632	rundll32.exe	83
PID 4632 wrote to memory of 344	4632	rundll32.exe	83

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\521b5414a33ad47cf942ee9553b4ccdac9fe39ba0da869a25767fafdcbeb982e.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4632
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\521b5414a33ad47cf942ee9553b4ccdac9fe39ba0da869a25767fafdcbeb982e.dll,#1
  2⤵
  PID:344