e8969369ac36235201f2680f6224fe17e5e3b6862b0ad9876f924df8bc6c101e

Analysis

max time kernel
119s
max time network
131s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25/12/2023, 22:40

Target

40f179ad564079a59195c74bb1ec5602.dll
Size

26KB
MD5

40f179ad564079a59195c74bb1ec5602
SHA1

32a21748a9377e669c3b210e7a53e3e84b3e3b74
SHA256

e8969369ac36235201f2680f6224fe17e5e3b6862b0ad9876f924df8bc6c101e
SHA512

45f6617854d27a20eb85c0a6e2fbe7dfc247e7bd8419cca7526de2a97a6ea15e4e1a20fa2fdca2eb05cb600b37557f0a2ae167cc77afc439554949a5f11167e4
SSDEEP

384:NwoNWPA9IAi+N2IBnQslMSjqqVHkus1eBLXByLGkXj0iXWylWWfyLB:NwNPKIHGnJlMSmqVHlsIhByPz3fyLB

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2236 wrote to memory of 2244	2236	rundll32.exe	28
PID 2236 wrote to memory of 2244	2236	rundll32.exe	28
PID 2236 wrote to memory of 2244	2236	rundll32.exe	28
PID 2236 wrote to memory of 2244	2236	rundll32.exe	28
PID 2236 wrote to memory of 2244	2236	rundll32.exe	28
PID 2236 wrote to memory of 2244	2236	rundll32.exe	28
PID 2236 wrote to memory of 2244	2236	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\40f179ad564079a59195c74bb1ec5602.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2236
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\40f179ad564079a59195c74bb1ec5602.dll,#1
  2⤵
  PID:2244