Analysis

  • max time kernel
    43s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    15-02-2023 14:00

General

  • Target

    t/SmadHook32.dll

  • Size

    70KB

  • MD5

    e1ed9b48016d43398cdf62a61c9b113d

  • SHA1

    b8e7183fba57ca867393ea4edf62fe60d1549c94

  • SHA256

    2e0b20fd34c70ec0566cb6e0852520fbab9452e3cb7aad8299ae841ac71733cf

  • SHA512

    4b5fd58c0d6a59d710d80f0bec216ba19d9e52c1516d799a991995bd7a9f6e45667f924ef7b7320773881d521a1059bb8a2686e1324ed8083c10ca68e1f48714

  • SSDEEP

    1536:24Hd4iaPI1/zhAP6YtnogaDc8zvsWjcdS78a:czw1/zeMzQSX

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\t\SmadHook32.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1788
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\t\SmadHook32.dll,#1
      2⤵
        PID:1628

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/1628-55-0x0000000076201000-0x0000000076203000-memory.dmp

      Filesize

      8KB