61708fe789c51c3b4e916913b552dad0bfbf6c39b63ce6283a5b5052e07b6644

Analysis

max time kernel
138s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
25-12-2023 07:30

Target

0eea1b815f4aadab2386ec083c91f1da.dll
Size

121KB
MD5

0eea1b815f4aadab2386ec083c91f1da
SHA1

bd104db5bc7e857f21a1deeb94e6ba7e8469c6be
SHA256

61708fe789c51c3b4e916913b552dad0bfbf6c39b63ce6283a5b5052e07b6644
SHA512

bf371111f05e85ba138e0334733c9407069930a3b08bcddb01a6f4c57eb6a79756bb714e18e0bf738a58847a337415a9f8c84f62a501715d17571d10bf3af63a
SSDEEP

1536:bx5hcOSWmm4Q5hZZ9B7S8avemUkyyF48XHH3jrV0YHpY4R6POOP1q:OOAKRSv2m3VHXHHRtW1q

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3936 wrote to memory of 376	3936	rundll32.exe	19
PID 3936 wrote to memory of 376	3936	rundll32.exe	19
PID 3936 wrote to memory of 376	3936	rundll32.exe	19

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\0eea1b815f4aadab2386ec083c91f1da.dll,#1
1⤵
PID:376

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\0eea1b815f4aadab2386ec083c91f1da.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3936