Analysis
- max time kernel: 142s
- max time network: 166s
- platform: windows10-2004_x64
- resource: win10v2004-20230915-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20230915-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 12-10-2023 07:30
Static task
static1
Behavioral task
behavioral1
Sample
1a0e56f0d495466abdfea53691cc49209b3b727b2952db5e2c3c43d555bde78b.dll
Resource
win7-20230831-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
1a0e56f0d495466abdfea53691cc49209b3b727b2952db5e2c3c43d555bde78b.dll
Resource
win10v2004-20230915-en
windows10-2004-x64
1 signatures
150 seconds
General
- Target: 1a0e56f0d495466abdfea53691cc49209b3b727b2952db5e2c3c43d555bde78b.dll
- Size: 2.0MB
- MD5: d59885990e67b6b2588b55f029ca143f
- SHA1: 33d53a6a9266de00eae9939fe06e599d4c384cc0
- SHA256: 1a0e56f0d495466abdfea53691cc49209b3b727b2952db5e2c3c43d555bde78b
- SHA512: 6ab759659e6e199dd60912c0bb33b01cdb8e45843508e70db7f1a033b7efa856151e01c7e9f50cb5e172dcd408a6510cefab55f027d3e788ca2053d143b518e0
- SSDEEP: 49152:NidGTn9pgHPqA4v91WDM0CEzoTNUitBNOLQP:NidS9VAC1WD9HL0
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
  description | pid | Process | procid_target
  PID 3808 wrote to memory of 2356 | 3808 | rundll32.exe | 86
  PID 3808 wrote to memory of 2356 | 3808 | rundll32.exe | 86
  PID 3808 wrote to memory of 2356 | 3808 | rundll32.exe | 86
Processes
- C:\Windows\system32\rundll32.exe rundll32.exe C:\Users\Admin\AppData\Local\Temp\1a0e56f0d495466abdfea53691cc49209b3b727b2952db5e2c3c43d555bde78b.dll,#11⤵
  - Suspicious use of WriteProcessMemory
  PID:3808
- C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\Admin\AppData\Local\Temp\1a0e56f0d495466abdfea53691cc49209b3b727b2952db5e2c3c43d555bde78b.dll,#12⤵ PID:2356