d022ae6b7e40fb9e6c8fe80a1182ce583c34819b319c5d31173d317fe73e01f0 | Triage

Analysis

max time kernel
1361s
max time network
1153s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
10/07/2023, 16:07

Sharing

Report Analysis Logs

General

Target

suAauQfq.dll
Size

3KB
MD5

f0d3b3cecf181eaff5c4248898064d5e
SHA1

92b404d604f634d79b29c16eaba39760487a15f8
SHA256

d3684b235b9d5f51c9fb74b54e005e19e7038b772df2173ee4cb8bfb43b8bfd2
SHA512

cd38c53a59ec2e094af44a971a476512cb4a08393738d3af582d3a7e09c52b7571eaec948100f00fb2bb3f88b180f3fb6d39c4ffd3c05c393f7be96cdd2c9937

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3932 wrote to memory of 2804	3932	rundll32.exe	84
PID 3932 wrote to memory of 2804	3932	rundll32.exe	84
PID 3932 wrote to memory of 2804	3932	rundll32.exe	84

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\suAauQfq.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3932
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\suAauQfq.dll,#1
  2⤵
  PID:2804

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads