a224aeeff2fd92f99d3beb7e17b98e5d8c6b04946b62ba221ac39e89ad66fb43

Analysis

max time kernel
126s
max time network
76s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26-12-2023 03:44

Target

Eternity.cc V4/Eternity.cc.dll
Size

589KB
MD5

734a12467058c5214b170a30dde07980
SHA1

ae7231dba0f1eee0277d5dd1814379941b586589
SHA256

0added5aa946e4c8392fd1c924e4d1728c3dfabf9c5e3f74466295fdbae26148
SHA512

17de50586a410eb9fcc35ce2a84c9114cc35f242770814cfd067ca7327957551273a5e17ea1fcbb82d4369d90b0e79890d93af27e4d16521dc90dc06b30d5843
SSDEEP

12288:hQMaPuEVqX44rpccarqT11RyNdZvCxmYZqG+L/Pfki8VcmTgjd5eDCyVRawf7L0u:2M0oQNdAcV8im40f7Kl+gM

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 816 wrote to memory of 4520	816	rundll32.exe	14
PID 816 wrote to memory of 4520	816	rundll32.exe	14
PID 816 wrote to memory of 4520	816	rundll32.exe	14

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Eternity.cc V4\Eternity.cc.dll",#1
1⤵
PID:4520

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Eternity.cc V4\Eternity.cc.dll",#1
1⤵
- Suspicious use of WriteProcessMemory
PID:816