Analysis
-
max time kernel
152s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20230220-en -
resource tags
-
submitted
14-06-2023 19:24
General
-
Target
f91bd26c5da591d95b1950448bfc4cb1112e52abdfef802f3a912ac6b278d28e.dll
-
Size
1.3MB
-
MD5
78ee1ecedb4366aa0ea5014211fdb228
-
SHA1
33674bf5ecc75c463170f511c318805c74ff5ab6
-
SHA256
f91bd26c5da591d95b1950448bfc4cb1112e52abdfef802f3a912ac6b278d28e
-
SHA512
1dba2fb78ae74e3d2f68cc0576f1e7a62735445df761ec39113bae47ace4918b59d724c41a65178e685aa8d7db02059df8217e23bdec95b54f14294a7bf836b3
-
SSDEEP
24576:ZFXf0po+ekemrw2zABeob/EhoXdnRlreuvCQTJptkgtKlD980YDdV:ZmzEBtAMn3FvCsL7tY+X
Score
8/10
Malware Config
Signatures
-
Blocklisted process makes network request 64 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\f91bd26c5da591d95b1950448bfc4cb1112e52abdfef802f3a912ac6b278d28e.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\f91bd26c5da591d95b1950448bfc4cb1112e52abdfef802f3a912ac6b278d28e.dll,#12⤵
- Blocklisted process makes network request
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\K941J8ND\ACTYB2LA.htmFilesize
377KB
MD5654dd579229105aee816933cb2704978
SHA1d62c946fb7ec51d9b92ea6ba11d71789ff93ecde
SHA2563a9578b81167b2587253e759761f08b34fc7714a547677193ef21f3115180db7
SHA512af1328bc4a3992b1c02bad777bc5c18eb4c3c4cc84f964ae611b35684884cf74ac5637ad50b46f571032cb1522e8a558ac3944676a529be4700c4a3d82c2b53b