Overview

overview

10

Static

static

10

5ff5e8e04a...e9.dll

windows7-x64

1

5ff5e8e04a...e9.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    232s
  • max time network
    332s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    07-05-2023 02:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5ff5e8e04a6614b0465ad7893c5cfee3a66cc150442b331a3d7d40b6117640e9.dll

  • Size

    224KB

  • MD5

    ec440b6005f10d86055bee77759ca9ae

  • SHA1

    dd084d3d2e1c69241b0331aa9786b4eaa41f2128

  • SHA256

    5ff5e8e04a6614b0465ad7893c5cfee3a66cc150442b331a3d7d40b6117640e9

  • SHA512

    907c7f09d1aac22b8032c3284550cdb7ea00809602719dfcce59252d85afb81c8fa6a819438e510096451f0142f3119632538d0bae665642a2f191cc64d6dc6e

  • SSDEEP

    1536:y0RjLxJ6ayZ+BjfJCp7Mg0NSLfG6amTH/1eq2GjNhXxyr1b/U4gguBKgBnouy8:yIHSTMgISlaWEq2Gjnxyh/U4gguJout

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\5ff5e8e04a6614b0465ad7893c5cfee3a66cc150442b331a3d7d40b6117640e9.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:580
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\5ff5e8e04a6614b0465ad7893c5cfee3a66cc150442b331a3d7d40b6117640e9.dll,#1
      2⤵
        PID:1432

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1432-54-0x0000000075310000-0x0000000075348000-memory.dmp

      Filesize

      224KB

      Download

    • memory/1432-55-0x00000000752D0000-0x0000000075308000-memory.dmp

      Filesize

      224KB

      Download

    • memory/1432-56-0x0000000075310000-0x0000000075348000-memory.dmp

      Filesize

      224KB

      Download

    • memory/1432-57-0x00000000752D0000-0x0000000075308000-memory.dmp

      Filesize

      224KB

      Download

    • memory/1432-58-0x00000000752D0000-0x0000000075350000-memory.dmp

      Filesize

      512KB

      Download