2e091381e0f440c7d1c0172c073d864cd10576ce53248ec6e6fa42f8615f5e65

Analysis

max time kernel
91s
max time network
105s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
27/12/2022, 10:00

Target

_____/LMIGuardianDll.dll
Size

73KB
MD5

0c42272fc379290471bfc7a33013ff2f
SHA1

4941277a094200dc89f8847d1f5f5a7de9a5a996
SHA256

ef2b6b411b79f751d73e824302ca00ff9f0d759a6eea02d2cfb11390d0e9379b
SHA512

d370aea9528de064fc0c3234ecac042a5738e66baf3c8278bcee5bf772337092fcf02edb0b0fd2365347007408ccf3e57dcc920aa04984368ed729556cd7174d
SSDEEP

1536:mLoQorXsMgIPGfuEpfxQjbDinHsZ2hQPhZPLdsWVcdb8BtnY:aoQobbgIuGEp6DinHsAUVYb8nnY

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2312 wrote to memory of 4880	2312	rundll32.exe	80
PID 2312 wrote to memory of 4880	2312	rundll32.exe	80
PID 2312 wrote to memory of 4880	2312	rundll32.exe	80

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\_____\LMIGuardianDll.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2312
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\_____\LMIGuardianDll.dll,#1
  2⤵
  PID:4880