e90566cb4749892ac21828eed527e7d1e01a02687e1180d5d6cf9931c0d55ef4 | Triage

Analysis

max time kernel
1562s
max time network
1566s
platform
windows7_x64
resource
win7-20230824-en
resource tags

arch:x64arch:x86image:win7-20230824-enlocale:en-usos:windows7-x64system
submitted
29/08/2023, 01:13

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

SpooferHandle.dll
Size

41KB
MD5

b0914c84476c51414efca5bd0224f146
SHA1

620be49a9ac83f8d55609b7325aca2f17c76722e
SHA256

fac13f49ff60c6b807837dc89a644bdce6738ea7a3d55945c71fee70f5da014c
SHA512

763b78eeb032ca0055618488ffd1f6b67e3e15ec3b4d57723ece932962bdd4d1bb4ac6fe8ab3cb43d1c63bf3e63f06e33831c803fb61ffcf6051eecc999591ed
SSDEEP

768:oG6gLRDcW5jtpf6gAbDsa5RXXltQwAdF98GxCJwSkgg:9pcOjegML5RltZfg

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1948	rundll32.exe
1948	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\SpooferHandle.dll,#1
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:1948

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1948-0-0x00000000770A0000-0x0000000077249000-memory.dmp

Filesize
1.7MB

Download
memory/1948-1-0x0000000076E70000-0x0000000076E71000-memory.dmp

Filesize
4KB

Download
memory/1948-2-0x00000000770A0000-0x0000000077249000-memory.dmp

Filesize
1.7MB

Download
memory/1948-3-0x00000000770A0000-0x0000000077249000-memory.dmp

Filesize
1.7MB

Download