26d411a3b95d3bb320c08e9121b23e90cbe679f68f6430296fba77444727dc0d | Triage

Analysis

max time kernel
144s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
24-12-2023 14:49

Sharing

Report Analysis Logs

General

Target

022e41f5549f0a7c1bbbfd3714af7e65.dll
Size

3KB
MD5

022e41f5549f0a7c1bbbfd3714af7e65
SHA1

e09cb179b7c0750e762478d32c2fc511e3fb2774
SHA256

26d411a3b95d3bb320c08e9121b23e90cbe679f68f6430296fba77444727dc0d
SHA512

24c5d5d71713ad369fe842739a8789a90ad693d5380c695498f6dc8732d6259e6eb61c968f47e24a90fa50be23e5ff6e5d1fd4266cfae5d56477855cd0d2d509

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1776 wrote to memory of 680	1776	rundll32.exe	17
PID 1776 wrote to memory of 680	1776	rundll32.exe	17
PID 1776 wrote to memory of 680	1776	rundll32.exe	17

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\022e41f5549f0a7c1bbbfd3714af7e65.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1776
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\022e41f5549f0a7c1bbbfd3714af7e65.dll,#1
  2⤵
  PID:680

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads