3a45cc047ce21c9d8102298c561c70f2e6bb32f7b5e325b2afcb42d192b2522e

Analysis

max time kernel
122s
max time network
127s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
31-08-2023 22:29

Target

3a45cc047ce21c9d8102298c561c70f2e6bb32f7b5e325b2afcb42d192b2522e.dll
Size

51KB
MD5

73bcf98b4f6b7352fc199b45ba3f373b
SHA1

a9acef92105bee2b3f763138c18ad0243c6b47df
SHA256

3a45cc047ce21c9d8102298c561c70f2e6bb32f7b5e325b2afcb42d192b2522e
SHA512

145ab0f5bf7a7d43b21150222a56bd66aea0d6787cec23a4b4ef07c44cafdb9b7654bedff7e4c1870163f251f8aed8a2883bfe564ff830ff5c8320b97c79315a
SSDEEP

768:3Er7XR1M6t6FikUE58ozVOB+6QcXn0cE5Y18BtrEZJjuSkwFOBezXsAMC6Hh4:3EXXM2HEhzVWKtrEZFxFOBUpMC6H

Score

1^/10

Suspicious behavior: RenamesItself 1 IoCs

pid	Process
2300	rundll32.exe

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2028 wrote to memory of 2300	2028	rundll32.exe	28
PID 2028 wrote to memory of 2300	2028	rundll32.exe	28
PID 2028 wrote to memory of 2300	2028	rundll32.exe	28
PID 2028 wrote to memory of 2300	2028	rundll32.exe	28
PID 2028 wrote to memory of 2300	2028	rundll32.exe	28
PID 2028 wrote to memory of 2300	2028	rundll32.exe	28
PID 2028 wrote to memory of 2300	2028	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\3a45cc047ce21c9d8102298c561c70f2e6bb32f7b5e325b2afcb42d192b2522e.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2028
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\3a45cc047ce21c9d8102298c561c70f2e6bb32f7b5e325b2afcb42d192b2522e.dll,#1
  2⤵
  - Suspicious behavior: RenamesItself
  PID:2300