Analysis
max time kernel
54s
max time network
33s
platform
windows7_x64
resource
win7-20221111-en
resource tags
arch:x64 arch:x86 image:win7-20221111-en locale:en-us os:windows7-x64 system
submitted
09-12-2022 07:44
Static task
static1
Behavioral task
behavioral1
Sample
11168 Dec 01.lnk
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
11168 Dec 01.lnk
Resource
win10v2004-20221111-en
Behavioral task
behavioral3
Sample
194.dll
Resource
win7-20221111-en
Behavioral task
behavioral4
Sample
194.dll
Resource
win10v2004-20220812-en
General
Target
194.dll
Size
600KB
MD5
4921489da5dabe49feb8b1d4951e4e8a
SHA1
29c6a5278101828ff9ec9b4cb65b47509715c8ef
SHA256
1b786901f5ade0d0b869c545170270a94999f3f925a0029f3fe6308a803d66bf
SHA512
f550f4453e093cadcf5d00492132cb168b82c5e182c6e11d48e1103908b609e4c284d9faefa4af407478629d59fd26332269d161a7a57d04142491abbfb3d3b5
SSDEEP
12288:QSUUEfo5I6/o2qgkpUdc9Msme0CWUdOWk4F:QSTiWDvL8Rme0C0Wk4
Malware Config
Signatures
Suspicious use of WriteProcessMemory 7 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 268 wrote to memory of 460 | 268 | rundll32.exe | rundll32.exe
PID 268 wrote to memory of 460 | 268 | rundll32.exe | rundll32.exe
PID 268 wrote to memory of 460 | 268 | rundll32.exe | rundll32.exe
PID 268 wrote to memory of 460 | 268 | rundll32.exe | rundll32.exe
PID 268 wrote to memory of 460 | 268 | rundll32.exe | rundll32.exe
PID 268 wrote to memory of 460 | 268 | rundll32.exe | rundll32.exe
PID 268 wrote to memory of 460 | 268 | rundll32.exe | rundll32.exe