32b63835ff0804e730de8228b7c49a1da4248ca0888f472b956973e5b5923307 | Triage

Analysis

max time kernel
145s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
25-12-2023 17:32

Sharing

Report Analysis Logs

General

Target

311f92a9a51145566e3a50d1ccdc1b5c.dll
Size

3KB
MD5

311f92a9a51145566e3a50d1ccdc1b5c
SHA1

25e13c1fd7d9faccdd498368ef28a15b47e2a340
SHA256

32b63835ff0804e730de8228b7c49a1da4248ca0888f472b956973e5b5923307
SHA512

52eb832bdb07e663573c5bf2214098c34fbe04d8a7ced827da192c884527970d80166a6893c6a478124923d99b5d6100ac3b072e106d2e3622d21c3bc00a2992

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4556 wrote to memory of 3124	4556	rundll32.exe	14
PID 4556 wrote to memory of 3124	4556	rundll32.exe	14
PID 4556 wrote to memory of 3124	4556	rundll32.exe	14

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\311f92a9a51145566e3a50d1ccdc1b5c.dll,#1
1⤵
PID:3124

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\311f92a9a51145566e3a50d1ccdc1b5c.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4556

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads