Analysis
max time kernel: 20s
max time network: 23s
platform: windows10-2004_x64
resource: win10v2004-20230220-en
resource tags: arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
submitted: 14-06-2023 18:15
Behavioral task: behavioral1
Sample: plugins/stealth.dll
Resource: win7-20230220-en (windows7-x64)
1 signatures
150 seconds
Behavioral task: behavioral2
Sample: plugins/stealth.dll
Resource: win10v2004-20230220-en (windows10-2004-x64)
1 signatures
150 seconds
General
Target: plugins/stealth.dll
Size: 33KB
MD5: 1e8148c0ed59d81879b067d580980f61
SHA1: 281b6e0bf1e794323410178d7a0f8f48c2c44059
SHA256: 242d4a0ca869a650a41bf4be0e7a84001ccd3f85a5ac35c8445ae9d45754f845
SHA512: c38dccdbf4d183278d607ff703dab6ddd46cff3520947a682df309db3afe5fe6afceaca904faa0a70173667f6408c521fa90f84828fd463846a53608313ac57f
SSDEEP: 768:YC/+lDa6D0fYeSnpOz4PQA0yKH40SkSno4xoha5F:tSDFnpDQCO4Az
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: rundll32.exe
description                        pid   process       target process
PID 3080 wrote to memory of 1924   3080  rundll32.exe  rundll32.exe
PID 3080 wrote to memory of 1924   3080  rundll32.exe  rundll32.exe
PID 3080 wrote to memory of 1924   3080  rundll32.exe  rundll32.exe
Downloads
memory/1924-133-0x0000000000400000-0x0000000000419000-memory.dmp
Filesize: 100KB