Analysis

  • max time kernel
    135s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230221-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20230221-en locale:en-us os:windows10-2004-x64 system
  • submitted
    26/03/2023, 04:17

General

  • Target

    2e15dddef8a86b73627a2032a558c249bec72cab11e9f1068a60074a3159a1ee.dll

  • Size

    2.1MB

  • MD5

    5db8820c9f1a7f1c516938cd308646f8

  • SHA1

    bc6fb5d848499a2758846e2970b492587fe49743

  • SHA256

    2e15dddef8a86b73627a2032a558c249bec72cab11e9f1068a60074a3159a1ee

  • SHA512

    ac513a09d6bb8f28b2f8b7bec6c44b82e686a9cac8375ce79bb3448a5ef1e4b146147a0dca64da3abdc792bb474ef765cfe70fb301b2047cd548d625e0576dd6

  • SSDEEP

    49152:qPgsBDixt/Xvg1dMHC7uw8Nxd8uP/NroZoJtAKP:yBg/41dQCd8bWuPVvJtA+

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\2e15dddef8a86b73627a2032a558c249bec72cab11e9f1068a60074a3159a1ee.dll,#1
    • Suspicious use of WriteProcessMemory
    PID:4936
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\2e15dddef8a86b73627a2032a558c249bec72cab11e9f1068a60074a3159a1ee.dll,#1
      • Suspicious use of SetWindowsHookEx
      PID:1404

Network

MITRE ATT&CK Matrix
