fec4a1e000d4ed061e825fb3f6f555f1341ba99a03c04ed9f819d8635c04465b

Analysis

max time kernel
124s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20230831-en
resource tags

arch:x64arch:x86image:win10v2004-20230831-enlocale:en-usos:windows10-2004-x64system
submitted
01-09-2023 03:44

Target

Hack Launcher/source/mingwm10.dll
Size

11KB
MD5

dbda60d92e774b4acb3b1cd71f909426
SHA1

66bfe06a16025f574323a0ce64dcc7c8216eb56c
SHA256

56a59dae638d9bb45ce729a5d6fdfb0ecbe88b37047e4d6d20dbdef1fc90bd72
SHA512

993a1f4af21cd5e13c3b8059cf483b10a58beb0d1777703ea07e9dcb5e7f681fa774e770abe9b6b4ca66b348997da0218d0ff67f18fcca1b3ca1ece2551d965a
SSDEEP

96:ahfuHOIHxyOPLrHU4D+wdzpHvqsKZKnKTBKVhKRHK2FoSK8KcfK5uKxGKlJKHItQ:iuHOIE8rHI6RJyLTR24GEv

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3684 wrote to memory of 936	3684	rundll32.exe	83
PID 3684 wrote to memory of 936	3684	rundll32.exe	83
PID 3684 wrote to memory of 936	3684	rundll32.exe	83

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Hack Launcher\source\mingwm10.dll",#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3684
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Hack Launcher\source\mingwm10.dll",#1
  2⤵
  PID:936