Analysis
-
max time kernel
141s -
max time network
140s -
platform
windows10-2004_x64 -
resource
win10v2004-20230220-en -
resource tags
-
submitted
14-06-2023 20:33
General
-
Target
0e8927bfc318328c4623c86684534071ed6c3dc14c445174a2161c618b39c4d5.dll
-
Size
149KB
-
MD5
061e24e3c909e73a6d16ce75dcd9d11e
-
SHA1
642e3afba188dbee2566045c2634fc2f18546fc5
-
SHA256
0e8927bfc318328c4623c86684534071ed6c3dc14c445174a2161c618b39c4d5
-
SHA512
9b7c6aae9592b542de4cfcc349c8bc0329c49e1913ec32458eaf938849cf6008d06d1962fea1b863b64e9cd78ce2cf22bbfc819858fc1597ec2ea313157ed24e
-
SSDEEP
3072:CIxY7PFdz01HxiAZN4fisQZUmO1O5AwcfAg0FujBVpKbHycI9KP:z+7IFxPKfisQZCDfAONhcI9
Score
8/10
Malware Config
Signatures
-
Blocklisted process makes network request 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\0e8927bfc318328c4623c86684534071ed6c3dc14c445174a2161c618b39c4d5.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\0e8927bfc318328c4623c86684534071ed6c3dc14c445174a2161c618b39c4d5.dll,#12⤵
- Blocklisted process makes network request
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2544-133-0x0000000074EF0000-0x0000000074F30000-memory.dmpFilesize
256KB
-
memory/2544-134-0x0000000074EF0000-0x0000000074F30000-memory.dmpFilesize
256KB
-
memory/2544-135-0x0000000074EF0000-0x0000000074F30000-memory.dmpFilesize
256KB
-
memory/2544-136-0x0000000074EF0000-0x0000000074F30000-memory.dmpFilesize
256KB
-
memory/2544-148-0x0000000074EF0000-0x0000000074F30000-memory.dmpFilesize
256KB
-
memory/2544-149-0x0000000074EF0000-0x0000000074F30000-memory.dmpFilesize
256KB