Overview

overview

7

Static

static

7

7f0a9d49db...92.dll

windows7-x64

1

7f0a9d49db...92.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13-06-2023 02:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7f0a9d49db15899eee04c37b5afb5f97c2b37aa1129ff40c62dc58804014da92.dll

  • Size

    1.7MB

  • MD5

    1497d8db6552acfe271b13748597672f

  • SHA1

    6d14e1a924d363cce2e686245ddd67c5832c650a

  • SHA256

    7f0a9d49db15899eee04c37b5afb5f97c2b37aa1129ff40c62dc58804014da92

  • SHA512

    6341ac4a70c487bf34d9850d0d03688dbb08e40bf48e2257cb9927d2ff0494accc3b5819e2b62942b79b4249559cedf87bc5e961f78f055a32caa63a944e938a

  • SSDEEP

    49152:8yt/qU37IUvOftm5I/KKxXWtml7+mTH7X:1tCS7IUv2ZGs5xH7X

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\7f0a9d49db15899eee04c37b5afb5f97c2b37aa1129ff40c62dc58804014da92.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1280
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\7f0a9d49db15899eee04c37b5afb5f97c2b37aa1129ff40c62dc58804014da92.dll,#1
      2⤵
        PID:4052

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4052-133-0x0000000074A60000-0x0000000074DB6000-memory.dmp
      Filesize

      3.3MB

      Download
    • memory/4052-135-0x0000000002270000-0x0000000002271000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4052-134-0x0000000002030000-0x000000000207B000-memory.dmp
      Filesize

      300KB

      Download
    • memory/4052-136-0x00000000022A0000-0x00000000022A1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4052-138-0x00000000022B0000-0x00000000022B1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4052-137-0x0000000002230000-0x0000000002231000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4052-140-0x0000000002280000-0x0000000002281000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4052-141-0x0000000002240000-0x0000000002241000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4052-139-0x0000000002250000-0x0000000002251000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4052-142-0x00000000027C0000-0x00000000027C2000-memory.dmp
      Filesize

      8KB

      Download
    • memory/4052-143-0x0000000074A60000-0x0000000074DB6000-memory.dmp
      Filesize

      3.3MB

      Download
    • memory/4052-145-0x0000000002030000-0x000000000207B000-memory.dmp
      Filesize

      300KB

      Download