aed93659d873e322496a06d9fd756e5885593ec60c221697bbf103f3f9488b1b

Analysis

max time kernel
93s
max time network
113s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
20-12-2023 00:26

Target

aed93659d873e322496a06d9fd756e5885593ec60c221697bbf103f3f9488b1b.dll
Size

53KB
MD5

c489a5e33847ce806f5c1b799744a77e
SHA1

c81be2f8ebbda2963dd89a8438ae35b0c74ce069
SHA256

aed93659d873e322496a06d9fd756e5885593ec60c221697bbf103f3f9488b1b
SHA512

d40926a2f2033a6c0a60a8d131a95aab422b4c5d746c82548e70bb3478d9a9d33c327cce9e9b1fbdd231bb4260cb026bd18b4baa780afd3fd4f3c062f266ba57
SSDEEP

768:ImozCUAmQjjGRBgbYQ/Zjj9WjI0eQwj0FZV:LaCOjZV

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4612 wrote to memory of 3768	4612	rundll32.exe	53
PID 4612 wrote to memory of 3768	4612	rundll32.exe	53
PID 4612 wrote to memory of 3768	4612	rundll32.exe	53

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\aed93659d873e322496a06d9fd756e5885593ec60c221697bbf103f3f9488b1b.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4612
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\aed93659d873e322496a06d9fd756e5885593ec60c221697bbf103f3f9488b1b.dll,#1
  2⤵
  PID:3768