Overview

overview

1

Static

static

1

128704c20e...9d.dll

windows7-x64

1

128704c20e...9d.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    144s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/12/2023, 08:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    128704c20e58078aee66c6ac67802c9d.dll

  • Size

    840KB

  • MD5

    128704c20e58078aee66c6ac67802c9d

  • SHA1

    594e39cb02dcff09121a0eefdc1d242aa5eda786

  • SHA256

    e5487d29f8b88066157aaba5cc82f141a5f1f628703aa689bf57357f5b2372f6

  • SHA512

    0cee5b84671358a1f82a1d69f666aa6809702c1912dd23e1d1f354e1cdfc9f0983386d6fef3a2a100b51f0b719ea9069ed5e29296716c0955dc4ba323388ad1a

  • SSDEEP

    12288:p09/r1W6Pu40Z52nuuu87s2+DPoPF/S4QcRp6jvIQxTicmGQ8YtRs/czfP:pKRru4iIsoPF3RpyvIsecmd8HifP

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\128704c20e58078aee66c6ac67802c9d.dll,#1
    1⤵
      PID:4352
    • C:\Windows\system32\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\128704c20e58078aee66c6ac67802c9d.dll,#1
      1⤵
      • Suspicious use of WriteProcessMemory
      PID:1460

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads