Overview

overview

3

Static

static

3

65ab7ed9f2...8b.dll

windows7-x64

1

65ab7ed9f2...8b.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/07/2023, 19:28

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    65ab7ed9f2cb7d0146bd0ed63a66449fd7151a1ffccaf288f5119dc3c465f48b.dll

  • Size

    788KB

  • MD5

    76b8601efc71d7ab64980160ff4e6c30

  • SHA1

    93983eb916183c891ef6c646cb6bf98a35349d97

  • SHA256

    65ab7ed9f2cb7d0146bd0ed63a66449fd7151a1ffccaf288f5119dc3c465f48b

  • SHA512

    a7e569905e85cdec8e2674884041489a3e0ed8ba551dda9629d470fd6aa282f4f20d2488b05b60051de38201b9acef89fcef37026033b48020c8a8ba8a57dd76

  • SSDEEP

    6144:eLtXZrHXQCSK51KRCzyioKQT8WTiQ+A24cbqLurWxduUQ8xiwMeIm8iOkYH7fjSB:eLtxHNTwCzyint3QS/KxYgUeIZd4LwM

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\65ab7ed9f2cb7d0146bd0ed63a66449fd7151a1ffccaf288f5119dc3c465f48b.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3248
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\65ab7ed9f2cb7d0146bd0ed63a66449fd7151a1ffccaf288f5119dc3c465f48b.dll,#1
      2⤵
      • Suspicious use of SetWindowsHookEx
      PID:4644

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/4644-133-0x0000000010000000-0x00000000100EB000-memory.dmp

          Filesize

          940KB

          Download