426c3ac1aa6de5076af3fd2be5faac844d5d029cba5546cc4c9b879ec05ebd01 | Triage

Analysis

max time kernel
149s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
07/07/2023, 08:48

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

7fc9e830756e23aa4b050f4ceaeb2a83cd71cfc0145392a0bc03037af373066b.dll
Size

22KB
MD5

5e1389b494edc86e17ff1783ed6b9d37
SHA1

fa71d067f8187a023334c5503e66fd9be2b73698
SHA256

7fc9e830756e23aa4b050f4ceaeb2a83cd71cfc0145392a0bc03037af373066b
SHA512

b1336d99c1dea80f6b668b69319230c7bb8d77070357715bbbd613ea374c8a03c3e06ebbc9eb69069623a18ae441b3689f971cddb79350ac1c3eba4a7c9462ea
SSDEEP

384:Zdxj2o0egNkLmKIVHSaGKHQr+AXMC9VxBKFs02kE70JOUo45VRVqlBqfA:Zn2o0oyHBGKHTAcCsmV10JtRV

Score

8^/10

Malware Config

Signatures

Blocklisted process makes network request 64 IoCs

flow	pid	Process
2	2340	rundll32.exe
7	2340	rundll32.exe
9	2340	rundll32.exe
11	2340	rundll32.exe
20	2340	rundll32.exe
21	2340	rundll32.exe
22	2340	rundll32.exe
23	2340	rundll32.exe
24	2340	rundll32.exe
25	2340	rundll32.exe
26	2340	rundll32.exe
27	2340	rundll32.exe
28	2340	rundll32.exe
29	2340	rundll32.exe
30	2340	rundll32.exe
31	2340	rundll32.exe
32	2340	rundll32.exe
33	2340	rundll32.exe
34	2340	rundll32.exe
35	2340	rundll32.exe
36	2340	rundll32.exe
37	2340	rundll32.exe
38	2340	rundll32.exe
39	2340	rundll32.exe
40	2340	rundll32.exe
41	2340	rundll32.exe
42	2340	rundll32.exe
43	2340	rundll32.exe
44	2340	rundll32.exe
45	2340	rundll32.exe
46	2340	rundll32.exe
47	2340	rundll32.exe
48	2340	rundll32.exe
55	2340	rundll32.exe
57	2340	rundll32.exe
58	2340	rundll32.exe
59	2340	rundll32.exe
60	2340	rundll32.exe
61	2340	rundll32.exe
62	2340	rundll32.exe
63	2340	rundll32.exe
64	2340	rundll32.exe
65	2340	rundll32.exe
66	2340	rundll32.exe
67	2340	rundll32.exe
68	2340	rundll32.exe
69	2340	rundll32.exe
70	2340	rundll32.exe
71	2340	rundll32.exe
72	2340	rundll32.exe
73	2340	rundll32.exe
74	2340	rundll32.exe
75	2340	rundll32.exe
76	2340	rundll32.exe
77	2340	rundll32.exe
78	2340	rundll32.exe
79	2340	rundll32.exe
80	2340	rundll32.exe
81	2340	rundll32.exe
82	2340	rundll32.exe
83	2340	rundll32.exe
84	2340	rundll32.exe
85	2340	rundll32.exe
86	2340	rundll32.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2340	rundll32.exe
2340	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\7fc9e830756e23aa4b050f4ceaeb2a83cd71cfc0145392a0bc03037af373066b.dll,#1
1⤵
- Blocklisted process makes network request
- Suspicious behavior: EnumeratesProcesses
PID:2340

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2340-133-0x0000014D07820000-0x0000014D07821000-memory.dmp

Filesize
4KB

Download
memory/2340-140-0x00007FFD63140000-0x00007FFD6315E000-memory.dmp

Filesize
120KB

Download