c4032bebd943ce413c4e79e7a046aba7228ba13997db96a679d08fce2839828a

Analysis

max time kernel
199s
max time network
217s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
15-10-2023 14:57

Target

996198d3740e51acfb417527828c4e90_dll32_JC.dll
Size

5KB
MD5

996198d3740e51acfb417527828c4e90
SHA1

26d74a8a9251311dbe932651db7d0562f7607ac4
SHA256

c4032bebd943ce413c4e79e7a046aba7228ba13997db96a679d08fce2839828a
SHA512

ea8424d61acea584feed2a606a44a4a027fa7dcc91527e78f7aa9d5907d9e66331c938766bce0aa4e47348322297d783d5bb9acecc608730bf9479bd97943c46
SSDEEP

48:C6VonAHso6U7lYa92RrpjwDmetlG95hx+iMHhc2MK59pppzXfoP+otanLrxJmpeZ:nEY2RrF1eqwi4S2MKx7TDy5d

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2388 wrote to memory of 2868	2388	rundll32.exe	85
PID 2388 wrote to memory of 2868	2388	rundll32.exe	85
PID 2388 wrote to memory of 2868	2388	rundll32.exe	85

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\996198d3740e51acfb417527828c4e90_dll32_JC.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2388
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\996198d3740e51acfb417527828c4e90_dll32_JC.dll,#1
  2⤵
  PID:2868