c6eb1c7b19a965f644357161debc4e2262901d6727aa2adda079a3b50ee1db24

Analysis

max time kernel
142s
max time network
67s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
26-12-2023 04:44

Target

553c28ca27c0d559ff7146c0e65acc72.dll
Size

109KB
MD5

553c28ca27c0d559ff7146c0e65acc72
SHA1

7056253e8743670a5a48564683a4620c188da5d4
SHA256

c6eb1c7b19a965f644357161debc4e2262901d6727aa2adda079a3b50ee1db24
SHA512

15b596c1c278a8d30b8d172a47b8d0e22c20bf7cc2c5357c5157ad070f5c767d0dd6bdff3cfca23c29eddb6187ac94c73eae33c5364d94b15451173cf8fbec29
SSDEEP

1536:tZ4cgo72hAAPGj4QOncz5OQXcsXzfCeUsd17AflOWaqMslOW2hJ6:f4nuAe9gcNOQXbXTCeUi7AfloqMslsJ

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3536 wrote to memory of 4692	3536	rundll32.exe	14
PID 3536 wrote to memory of 4692	3536	rundll32.exe	14
PID 3536 wrote to memory of 4692	3536	rundll32.exe	14

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\553c28ca27c0d559ff7146c0e65acc72.dll,#1
1⤵
PID:4692

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\553c28ca27c0d559ff7146c0e65acc72.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3536