721ff308a706259c674adbd7c1606f5d5636674dc372ab739f1224e0be06184a

Analysis

max time kernel
52s
max time network
64s
platform
windows10-1703_x64
resource
win10-20220901-en
resource tags

arch:x64arch:x86image:win10-20220901-enlocale:en-usos:windows10-1703-x64system
submitted
15-02-2023 14:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

t/setupres.dll
Size

75KB
MD5

f1f9e9bd62292768f433c4f894eadb58
SHA1

835aac8aa29b747cd90d44b9fef5683bf0f1f6d9
SHA256

7863ad82f7e1c036e48e928433932177a14670033028b42f44dafeacb40a86a9
SHA512

e59b908e54d162abc2aa2d814b71d1ff62a4d2105d2f22df8e8371b760111de30ca6e4f77e14ccbc2ec49eba3ff1013d023edb9f72c89bada17eaf4558ca669c
SSDEEP

1536:71z1GbzJ50O6ZTVATfXqKtyoR5Lc+CQYsWjcdx6my+F:7tUvyAXqSdo6

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3316 wrote to memory of 3724	3316	rundll32.exe	66
PID 3316 wrote to memory of 3724	3316	rundll32.exe	66
PID 3316 wrote to memory of 3724	3316	rundll32.exe	66

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\t\setupres.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3316
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\t\setupres.dll,#1
  2⤵
  PID:3724

C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{FCC74B77-EC3E-4DD8-A80B-008A702075A9}
1⤵
PID:1112

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1112-167-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/1112-166-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/1112-168-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/1112-169-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/1112-171-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/1112-172-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/1112-174-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/1112-179-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/1112-181-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/1112-180-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/1112-178-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/1112-177-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/1112-175-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/1112-176-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/1112-173-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/1112-170-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-149-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-158-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-135-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-136-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-137-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-138-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-139-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-140-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-141-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-143-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-142-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-145-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-146-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-144-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-147-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-148-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-151-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-150-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-152-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-153-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-154-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-155-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-156-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-157-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-134-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-160-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-161-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-162-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-159-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-163-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-164-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-165-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-133-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-132-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-131-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-129-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-130-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-128-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-127-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-125-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-126-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-124-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-123-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-122-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-121-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-120-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-119-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download
memory/3724-118-0x00000000771E0000-0x000000007736E000-memory.dmp

Filesize
1.6MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads