Analysis
max time kernel
29s
max time network
31s
platform
windows7_x64
resource
win7-20230220-en
resource tags
arch:x64 arch:x86 image:win7-20230220-en locale:en-us os:windows7-x64 system
submitted
12-06-2023 17:34
Behavioral task
behavioral1
Sample
e40000.dll
Resource
win7-20230220-en
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
e40000.dll
Resource
win10v2004-20230221-en
5 signatures
150 seconds
General
Target
e40000.dll
Size
129KB
MD5
ac77c3f304a7b4b9c0384fc6528a701b
SHA1
790c8dbac00599f98b5832f98144db5b42337e83
SHA256
463158091de1c6daa60498bf425f6b66072c2836210b9d449192e170ef9e34ea
SHA512
4f187918fc3c035a2f6c2695955109149b9d97a4a886349ea69893e4fd472d1232d822419fdeb3a00690e6f40fd17a377f7797d21ac8bb9033f0402c0c7189ce
SSDEEP
3072:hST5hTsRkHO+fia51+MAevJ+mJfh18TBfwCKLx:OsRkOXa7+JevJJJfh18TBICW
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 7 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 1268 wrote to memory of 1344 | 1268 | rundll32.exe | rundll32.exe
PID 1268 wrote to memory of 1344 | 1268 | rundll32.exe | rundll32.exe
PID 1268 wrote to memory of 1344 | 1268 | rundll32.exe | rundll32.exe
PID 1268 wrote to memory of 1344 | 1268 | rundll32.exe | rundll32.exe
PID 1268 wrote to memory of 1344 | 1268 | rundll32.exe | rundll32.exe
PID 1268 wrote to memory of 1344 | 1268 | rundll32.exe | rundll32.exe
PID 1268 wrote to memory of 1344 | 1268 | rundll32.exe | rundll32.exe