Analysis
max time kernel: 239s
max time network: 302s
platform: windows10-2004_x64
resource: win10v2004-20221111-en
resource tags: arch:x64 arch:x86 image:win10v2004-20221111-en locale:en-us os:windows10-2004-x64 system
submitted: 07-12-2022 13:25
Static task
static1
Behavioral task
behavioral1
Sample
fondest.tmp.dll
Resource
win7-20220901-en
windows7-x64
4 signatures
150 seconds
Behavioral task
behavioral2
Sample
fondest.tmp.dll
Resource
win10v2004-20221111-en
windows10-2004-x64
1 signatures
150 seconds
General
Target: fondest.tmp.dll
Size: 497KB
MD5: 25f28cb2e56bdbe858e5c82b1fba4d14
SHA1: 6ad8bebc78b0dfc47a894ee516e39eeee810c5f0
SHA256: 96d2f4131542e1b4a6e9bba0bf3807008cb8340e7d247b464fdbebe11031d9e2
SHA512: 7544d384847b7131e64d2c4c0a022b257455d0d2714d9a1f00df11c3cd7ed45917738a98618f4fbccce4c1a3f9541b09f95d7e19f0cd000beec95eb98d99621a
SSDEEP: 6144:kc0+H0LwX/ei0iPlJgQwggr6cAhMtnEbER8wvyRaY4lls1yc8UQw8Mz1fu:D06cilJy9tnY+yTcm8UQw8Mzxu
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 1836 wrote to memory of 4340 | 1836 | rundll32.exe | rundll32.exe
PID 1836 wrote to memory of 4340 | 1836 | rundll32.exe | rundll32.exe
PID 1836 wrote to memory of 4340 | 1836 | rundll32.exe | rundll32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/4340-132-0x0000000000000000-mapping.dmp