Analysis
-
max time kernel
31s -
max time network
33s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system -
submitted
09-06-2023 19:44
Behavioral task
behavioral1
Sample
a3d83acb0350c4a1df207667144b6f195b97fc585589cc11cdf683d19d7ff99b.dll
Resource
win7-20230220-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
a3d83acb0350c4a1df207667144b6f195b97fc585589cc11cdf683d19d7ff99b.dll
Resource
win10v2004-20230220-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
a3d83acb0350c4a1df207667144b6f195b97fc585589cc11cdf683d19d7ff99b.dll
-
Size
123KB
-
MD5
7be968929a1e4e0c01d2ff4d182115a2
-
SHA1
c86d9fe9a76afc2c4998598e9386e71ef7788a78
-
SHA256
a3d83acb0350c4a1df207667144b6f195b97fc585589cc11cdf683d19d7ff99b
-
SHA512
aeca7463938e5c06ef0ebe39cfcb3b0c44d1ed78ff2a1ddbd94c2ab50a667429c7663d60fdc5dede8e35d70186a66cdbf30c8915fbdf632efc87589f3ab7410e
-
SSDEEP
3072:EJSvdeodCuXMRFaPj+2RqDazmmRBJkcinH3lZ:gSvRdO7N2w2zLxiX
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes:
rundll32.exedescription pid process target process PID 1972 wrote to memory of 904 1972 rundll32.exe rundll32.exe PID 1972 wrote to memory of 904 1972 rundll32.exe rundll32.exe PID 1972 wrote to memory of 904 1972 rundll32.exe rundll32.exe PID 1972 wrote to memory of 904 1972 rundll32.exe rundll32.exe PID 1972 wrote to memory of 904 1972 rundll32.exe rundll32.exe PID 1972 wrote to memory of 904 1972 rundll32.exe rundll32.exe PID 1972 wrote to memory of 904 1972 rundll32.exe rundll32.exe
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\a3d83acb0350c4a1df207667144b6f195b97fc585589cc11cdf683d19d7ff99b.dll,#11⤵
- Suspicious use of WriteProcessMemory
PID:1972 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\a3d83acb0350c4a1df207667144b6f195b97fc585589cc11cdf683d19d7ff99b.dll,#12⤵PID:904