Analysis

  • max time kernel
    152s
  • max time network
    159s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-10-2023 22:18

General

  • Target

    393487b684583b150f3a88b90f9901b9531ba75f19e2b6290a97d3b83bfa1184_JC.dll

  • Size

    899KB

  • MD5

    574f2b072dfd1fcbd5bb195668afb8e7

  • SHA1

    dd6c67e2cb51d3098009a2906664ac349ac212a9

  • SHA256

    393487b684583b150f3a88b90f9901b9531ba75f19e2b6290a97d3b83bfa1184

  • SHA512

    d6e1058282a93fed90aed9b7ea174ae6f5e0764bdbc35254d1d2e4b6ca62a19005819f16296e3af4b3b890ed30bcee3414d7d9091c58b1d48e6e803c4725a011

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXb:7wqd87Vb

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\393487b684583b150f3a88b90f9901b9531ba75f19e2b6290a97d3b83bfa1184_JC.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4536
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\393487b684583b150f3a88b90f9901b9531ba75f19e2b6290a97d3b83bfa1184_JC.dll,#1
      2⤵
      • Suspicious behavior: RenamesItself
      PID:5084

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads