Analysis
max time kernel: 84s
max time network: 97s
platform: windows7_x64
resource: win7-20221111-en
resource tags: arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
submitted: 06-01-2023 01:00
Behavioral task: behavioral1
Sample: c52a477158e2876d5422a3ab5c5f8b53eb67e1e5cdca84c443d2ce476f20e347.dll
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: c52a477158e2876d5422a3ab5c5f8b53eb67e1e5cdca84c443d2ce476f20e347.dll
Resource: win10v2004-20220812-en
General
Target: c52a477158e2876d5422a3ab5c5f8b53eb67e1e5cdca84c443d2ce476f20e347.dll
Size: 13KB
MD5: 715bbc498edd4a4ff8062482f6a33092
SHA1: a2994ecd2430bfbcbbbf6df4cf4a63d4ff5e2020
SHA256: c52a477158e2876d5422a3ab5c5f8b53eb67e1e5cdca84c443d2ce476f20e347
SHA512: ef145da1fb591583cf79856eaaed986798a91538934c2fbb0c8c00e0ffc2cd971f2911605908d3b9b81f01b01a5e3e4d80ca44e13c165a419d8ccacb9a918a28
SSDEEP: 192:6c+nM5KC/zxayGc3gzq7YjDaqzJCueT+RfbZne9s6PLlGtMP0tkYGijYc:J5Jxayczq7Yjt9lfle9s6PLaQ6kYGi8
Malware Config
Signatures
Blocklisted process makes network request (2 IoCs)
Processes: rundll32.exe
flow  pid  process
2     952  rundll32.exe
4     952  rundll32.exe
Suspicious behavior: EnumeratesProcesses (2 IoCs)
Processes: rundll32.exe
pid  process
952  rundll32.exe
952  rundll32.exe