Overview

overview

10

Static

static

10

c52a477158...47.dll

windows7-x64

8

c52a477158...47.dll

windows10-2004-x64

8

Analysis

  • max time kernel
    103s
  • max time network
    139s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-01-2023 01:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c52a477158e2876d5422a3ab5c5f8b53eb67e1e5cdca84c443d2ce476f20e347.dll

  • Size

    13KB

  • MD5

    715bbc498edd4a4ff8062482f6a33092

  • SHA1

    a2994ecd2430bfbcbbbf6df4cf4a63d4ff5e2020

  • SHA256

    c52a477158e2876d5422a3ab5c5f8b53eb67e1e5cdca84c443d2ce476f20e347

  • SHA512

    ef145da1fb591583cf79856eaaed986798a91538934c2fbb0c8c00e0ffc2cd971f2911605908d3b9b81f01b01a5e3e4d80ca44e13c165a419d8ccacb9a918a28

  • SSDEEP

    192:6c+nM5KC/zxayGc3gzq7YjDaqzJCueT+RfbZne9s6PLlGtMP0tkYGijYc:J5Jxayczq7Yjt9lfle9s6PLaQ6kYGi8

Score
8/10

Malware Config

Signatures

  • Blocklisted process makes network request 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\c52a477158e2876d5422a3ab5c5f8b53eb67e1e5cdca84c443d2ce476f20e347.dll,#1
    1⤵
    • Blocklisted process makes network request
    • Suspicious behavior: EnumeratesProcesses
    PID:4692

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads