Overview

overview

3

Static

static

3

010f23e83f...b6.dll

windows7-x64

1

010f23e83f...b6.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    110s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/12/2023, 02:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    010f23e83f551b68ac05fe4d1455b1b6.dll

  • Size

    24KB

  • MD5

    010f23e83f551b68ac05fe4d1455b1b6

  • SHA1

    7149735e164e792b81e9868c110ae25eda98098d

  • SHA256

    e472b87291c7ab7f39b0bf863b700380da1813b16602aa3fccdd75dbfc24722d

  • SHA512

    93df7d9d1b18a62ad26232568fe2448eacc203b4d23c7e8a38db457ccd5a2cd39636bf2dbc82d9010a0ea97a3037e1f6074d6ff279247a5a63cf5a75eb2923c6

  • SSDEEP

    96:lqFp94lQwHN2bxrHn+D9dQcoP4wKfTG2CD182BmZ2JVEXF1+pZc/6Xe0wL+Z1:C9Lwt2bxeQci4wK76R82tb3pZcCNKk1

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\010f23e83f551b68ac05fe4d1455b1b6.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4608
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\010f23e83f551b68ac05fe4d1455b1b6.dll,#1
      2⤵
      • Suspicious use of SetWindowsHookEx
      PID:2208

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads