0371c6f656a743217ba26ee46492798d3e5df547b3598e4c05da7b7d13058d95 | Triage

Analysis

max time kernel
127s
max time network
162s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
15/10/2023, 15:01

Sharing

Report Analysis Logs

General

Target

a8e78899434328b2dae1bc93a68683a0_dll32_JC.dll
Size

3KB
MD5

a8e78899434328b2dae1bc93a68683a0
SHA1

19b50d7adf9d95708763c3e849d7383f3576cb0c
SHA256

0371c6f656a743217ba26ee46492798d3e5df547b3598e4c05da7b7d13058d95
SHA512

d2f6f4763d83dd2a2f31df35f629059a47a42403f67833c1b013f799d5e726736f707f610fa4514e2af29bd77bd5b0581f90d8e3f6122f6166079f0d1d4733c5

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2644 wrote to memory of 4320	2644	rundll32.exe	55
PID 2644 wrote to memory of 4320	2644	rundll32.exe	55
PID 2644 wrote to memory of 4320	2644	rundll32.exe	55

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\a8e78899434328b2dae1bc93a68683a0_dll32_JC.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2644
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\a8e78899434328b2dae1bc93a68683a0_dll32_JC.dll,#1
  2⤵
  PID:4320

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads