Analysis

  • max time kernel
    1735s
  • max time network
    1147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230915-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    10/10/2023, 10:38

General

  • Target

    gme.dll

  • Size

    180KB

  • MD5

    c9b8b6a88ce55942260ba910f37cbb86

  • SHA1

    ba131c0d6cbe223175319a9d8bc7b93db6481a92

  • SHA256

    acae38d5e18a442c42b0c8dfddd620a241cf397142ac99e59ac8893d6738f64b

  • SHA512

    a224064c1e7eda29348b8749e5620dd0f88241096f74d708aa98b7c9b849af2b203c04bf47b0919fd014e4267622e8a6aec9bdec28d73a443b8316452b2b7130

  • SSDEEP

    3072:ZRHHMH7b8RpQ99BcplZeedffojr/fFJo77jCOf27vd/nFfvB21805/e/Uq8/JUFD:OH8RpQ99BcBeMwPfFW7qOiFnBl0r4OKx

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\gme.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4528
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\gme.dll,#1
      2⤵
        PID:864

    Network

    MITRE ATT&CK Matrix
