Overview

overview

3

Static

static

3

59dc4221a1...65.dll

windows7-x64

1

59dc4221a1...65.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    20/08/2023, 13:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    59dc4221a1e3429f18218f1f60475726157023e756dd185238cef0aa0581c265.dll

  • Size

    2.4MB

  • MD5

    7db064d0b6b7e05f716e084296b21346

  • SHA1

    2887d4d0a4613c29361ede96b44d630bf2036121

  • SHA256

    59dc4221a1e3429f18218f1f60475726157023e756dd185238cef0aa0581c265

  • SHA512

    a8b851e851aa3ff208ee07db87d73c371b384baf0bcc107cf083b4397df0660f1c1fc4b8156841f6b6499b24e38adbfa4d9c996fc2decf700b31584198f4dc8f

  • SSDEEP

    49152:8JGeh4dNh/IiHHpPBX4UPwRkPk+vRh1ietYP:8JGeh4d7/pB4UPwRkPk+vRh1ietY

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\59dc4221a1e3429f18218f1f60475726157023e756dd185238cef0aa0581c265.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2572
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\59dc4221a1e3429f18218f1f60475726157023e756dd185238cef0aa0581c265.dll,#1
      2⤵
        PID:1636

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads