Overview

overview

1

Static

static

1

06005a9206...82.dll

windows7-x64

1

06005a9206...82.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    93s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/12/2023, 04:47

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    06005a920651a2c9451891f5a137de82.dll

  • Size

    56KB

  • MD5

    06005a920651a2c9451891f5a137de82

  • SHA1

    e5236dc15a8aa028e42d5b409bd50ad704dab309

  • SHA256

    00980dbc97e34c5b7cb0e76de2f3b866af59705673de633cc10ca1268d4fa337

  • SHA512

    5139a70a91fe30ae5eca054f9caaf98700f125b3cad836d904de89937bd651ddebb56f0552ac847257b256926a3ba522d2024a4dc4e0fc10624dc7f154c6fccb

  • SSDEEP

    768:KB8BspJAcsI5iKgfYaP8mIPnNKFLFw4LBT8ssO+wcSDPnGMEad8:KBlFskg1kP4jOGDvlEy8

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\06005a920651a2c9451891f5a137de82.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3900
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\06005a920651a2c9451891f5a137de82.dll,#1
      2⤵
      • Suspicious use of SetWindowsHookEx
      PID:548

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/548-0-0x00000000014D0000-0x00000000014E2000-memory.dmp

          Filesize

          72KB

          Download

        • memory/548-1-0x0000000001510000-0x0000000001522000-memory.dmp

          Filesize

          72KB

          Download

        • memory/548-2-0x0000000077492000-0x0000000077493000-memory.dmp

          Filesize

          4KB

          Download

        • memory/548-3-0x0000000001580000-0x0000000001581000-memory.dmp

          Filesize

          4KB

          Download

        • memory/548-4-0x0000000001510000-0x0000000001522000-memory.dmp

          Filesize

          72KB

          Download

        • memory/548-5-0x0000000001560000-0x0000000001561000-memory.dmp

          Filesize

          4KB

          Download

        • memory/548-6-0x0000000000FE0000-0x0000000000FE1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/548-7-0x0000000077492000-0x0000000077493000-memory.dmp

          Filesize

          4KB

          Download

        • memory/548-12-0x0000000002D40000-0x0000000002DA2000-memory.dmp

          Filesize

          392KB

          Download

        • memory/548-11-0x0000000002D40000-0x0000000002DDD000-memory.dmp

          Filesize

          628KB

          Download

        • memory/548-10-0x00000000005F0000-0x0000000000604000-memory.dmp

          Filesize

          80KB

          Download

        • memory/548-9-0x0000000001510000-0x0000000001522000-memory.dmp

          Filesize

          72KB

          Download

        • memory/548-8-0x0000000077492000-0x0000000077493000-memory.dmp

          Filesize

          4KB

          Download