Analysis
-
max time kernel
31s -
max time network
33s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
16-02-2023 20:23
General
-
Target
f1473ab20ac64b0e66d6b8899cabb44b26d360e4166c794e78acaa3e3ea2a9ed.dll
-
Size
125KB
-
MD5
56bcea8eabd6c42019b8ee1a72b7f09c
-
SHA1
0427266ce390b11e02c87d4e53c0901cce5bc7c1
-
SHA256
f1473ab20ac64b0e66d6b8899cabb44b26d360e4166c794e78acaa3e3ea2a9ed
-
SHA512
fb17dd5c7f37541d0036c335447e6beba571b9b2e78114a96e125e36a22af155d3986dce56c60aa3b5b3f2d5f5c121960b46d4d8a54de10f8865385a479d5266
-
SSDEEP
1536:9DbES8gbErXSoSJN4hAxfFCsFJNo5aUouIAGyM4+6S2Z9QtxR+ea8htWYn6v:9nEbrCoRhAxM+NcaUb4yMJtP+sF6v
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\f1473ab20ac64b0e66d6b8899cabb44b26d360e4166c794e78acaa3e3ea2a9ed.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\f1473ab20ac64b0e66d6b8899cabb44b26d360e4166c794e78acaa3e3ea2a9ed.dll,#12⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1100-54-0x0000000000000000-mapping.dmp
-
memory/1100-55-0x00000000759F1000-0x00000000759F3000-memory.dmpFilesize
8KB
-
memory/1100-57-0x0000000010000000-0x0000000010041000-memory.dmpFilesize
260KB
-
memory/1100-58-0x0000000010000000-0x0000000010041000-memory.dmpFilesize
260KB
-
memory/1100-56-0x0000000010000000-0x0000000010041000-memory.dmpFilesize
260KB