46b2f516dc41fa52b4c3a251b0af5f713aafd60875494da5a351503f68a3f69b

Analysis

max time kernel
28s
max time network
31s
platform
windows7_x64
resource
win7-20230621-en
resource tags

arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
submitted
23-06-2023 19:07

Target

46b2f516dc41fa52b4c3a251b0af5f713aafd60875494da5a351503f68a3f69b.dll
Size

64KB
MD5

d8cff4de7baf67253798daf51be0beff
SHA1

459b5bc022f3e69fcb4ea71c301b964e3fa58627
SHA256

46b2f516dc41fa52b4c3a251b0af5f713aafd60875494da5a351503f68a3f69b
SHA512

763b939507403797a8ab9d7c8199ecd2089c5d7102a2e47763ac1d7c7aff119261b96357ecf1ee9348ca0b8da9e817bac4374601c538dc02e14c2b9deeaa0495
SSDEEP

1536:MY0u1VmBOWAxsUBst5/QkhKLieBsQ4zlKBZ:MY0mvDkhaieBsQ2lKH

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 1044 wrote to memory of 2024	1044	rundll32.exe	rundll32.exe
PID 1044 wrote to memory of 2024	1044	rundll32.exe	rundll32.exe
PID 1044 wrote to memory of 2024	1044	rundll32.exe	rundll32.exe
PID 1044 wrote to memory of 2024	1044	rundll32.exe	rundll32.exe
PID 1044 wrote to memory of 2024	1044	rundll32.exe	rundll32.exe
PID 1044 wrote to memory of 2024	1044	rundll32.exe	rundll32.exe
PID 1044 wrote to memory of 2024	1044	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\46b2f516dc41fa52b4c3a251b0af5f713aafd60875494da5a351503f68a3f69b.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1044

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\46b2f516dc41fa52b4c3a251b0af5f713aafd60875494da5a351503f68a3f69b.dll,#1
2⤵
PID:2024