Analysis
max time kernel: 118s
max time network: 138s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
submitted: 22/12/2023, 05:01
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
6cd4de5c3cde9843b3289b25caf32f47.dll
Resource
win7-20231215-en
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
6cd4de5c3cde9843b3289b25caf32f47.dll
Resource
win10v2004-20231215-en
1 signatures
150 seconds
General
Target: 6cd4de5c3cde9843b3289b25caf32f47.dll
Size: 658KB
MD5: 6cd4de5c3cde9843b3289b25caf32f47
SHA1: 1eb04c947380788f75fb6e6f1de5af0bff0e4a8c
SHA256: cd1d7845f789f835a02ed183124bffdb908dc5882142ddd07da2fe121e163761
SHA512: ae447563aa727a9a2b63d89b315fefcf9d3c8709ef8fbbf3455967123a93039ed6393f631c3e35996d70c713f5175bbab7aa9f8928ee38ad4e383f759952419a
SSDEEP: 12288:Ci1Jw3pnHs9vIE+G3cdZHcD4bI/8H1pvL5tj112jGLF2eoRdDyLI3QApzkeqso7z:tfEpscdmZ/8HTL5tj112jGLF2eoRdDyt
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description | pid | Process | procid_target
PID 2232 wrote to memory of 2080 | 2232 | rundll32.exe | 15
PID 2232 wrote to memory of 2080 | 2232 | rundll32.exe | 15
PID 2232 wrote to memory of 2080 | 2232 | rundll32.exe | 15
PID 2232 wrote to memory of 2080 | 2232 | rundll32.exe | 15
PID 2232 wrote to memory of 2080 | 2232 | rundll32.exe | 15
PID 2232 wrote to memory of 2080 | 2232 | rundll32.exe | 15
PID 2232 wrote to memory of 2080 | 2232 | rundll32.exe | 15
Processes
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\6cd4de5c3cde9843b3289b25caf32f47.dll,#11⤵
  PID:2080
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\6cd4de5c3cde9843b3289b25caf32f47.dll,#11⤵
  - Suspicious use of WriteProcessMemory
  PID:2232