e26d6c48e702655ad65a57e2340a2f7e39b323b591b87151154191e638753721 | Triage

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25/12/2023, 05:21

Sharing

Report Analysis Logs

General

Target

079b60966700b147ae93f4fc68d372ac.dll
Size

2KB
MD5

079b60966700b147ae93f4fc68d372ac
SHA1

363ab6f47499d09846cd7344cb66a57a898ffcdb
SHA256

e26d6c48e702655ad65a57e2340a2f7e39b323b591b87151154191e638753721
SHA512

2b48c7699caba96ca7e497fb0bd1e32ecccf15c53fbb14ba5856c947dd1bbd19d0a13b327fbc0f63e9f0853efd609e1e3e07a47e97ec882721527b7be93cc2fc

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2240 wrote to memory of 2556	2240	rundll32.exe	15
PID 2240 wrote to memory of 2556	2240	rundll32.exe	15
PID 2240 wrote to memory of 2556	2240	rundll32.exe	15
PID 2240 wrote to memory of 2556	2240	rundll32.exe	15
PID 2240 wrote to memory of 2556	2240	rundll32.exe	15
PID 2240 wrote to memory of 2556	2240	rundll32.exe	15
PID 2240 wrote to memory of 2556	2240	rundll32.exe	15

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\079b60966700b147ae93f4fc68d372ac.dll,#1
1⤵
PID:2556

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\079b60966700b147ae93f4fc68d372ac.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2240

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads