Overview

overview

10

Static

static

fondest.tmp.dll

windows7-x64

10

fondest.tmp.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    239s
  • max time network
    302s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07-12-2022 13:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fondest.tmp.dll

  • Size

    497KB

  • MD5

    25f28cb2e56bdbe858e5c82b1fba4d14

  • SHA1

    6ad8bebc78b0dfc47a894ee516e39eeee810c5f0

  • SHA256

    96d2f4131542e1b4a6e9bba0bf3807008cb8340e7d247b464fdbebe11031d9e2

  • SHA512

    7544d384847b7131e64d2c4c0a022b257455d0d2714d9a1f00df11c3cd7ed45917738a98618f4fbccce4c1a3f9541b09f95d7e19f0cd000beec95eb98d99621a

  • SSDEEP

    6144:kc0+H0LwX/ei0iPlJgQwggr6cAhMtnEbER8wvyRaY4lls1yc8UQw8Mz1fu:D06cilJy9tnY+yTcm8UQw8Mzxu

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\fondest.tmp.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1836
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\fondest.tmp.dll,#1
      2⤵
        PID:4340

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4340-132-0x0000000000000000-mapping.dmp
      Download