27ac6b37a3ef3cbe70607f09a4c3a7c9af6d9e70c10119e2f1014665a2f1c38f | Triage

Analysis

max time kernel
91s
max time network
115s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
25/12/2023, 10:04

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

15e72780a62c4d26f189bed0904c8c97.dll
Size

3KB
MD5

15e72780a62c4d26f189bed0904c8c97
SHA1

2e1f86b09899df1d09a2097ab007ab0cb0cc971b
SHA256

27ac6b37a3ef3cbe70607f09a4c3a7c9af6d9e70c10119e2f1014665a2f1c38f
SHA512

2badc1942c162c5cbb514d28622710483d30b886ec990dc552110328a47d08226da6b7b09414081cd6802f561f0a74a6fe446ba130c0cf4d727a85de2ad670b2

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2524 wrote to memory of 4676	2524	rundll32.exe	30
PID 2524 wrote to memory of 4676	2524	rundll32.exe	30
PID 2524 wrote to memory of 4676	2524	rundll32.exe	30

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\15e72780a62c4d26f189bed0904c8c97.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2524
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\15e72780a62c4d26f189bed0904c8c97.dll,#1
  2⤵
  PID:4676

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads