Analysis
max time kernel: 149s
max time network: 149s
platform: windows10-2004_x64
resource: win10v2004-20231222-en
resource tags: arch:x64 arch:x86 image:win10v2004-20231222-en locale:en-us os:windows10-2004-x64 system
submitted: 29/12/2023, 22:11
Static task: static1
Signatures: 1

Behavioral task: behavioral1
Sample: 0547ed3c990d284f95ff5f31b203cde3.dll
Resource: win7-20231129-en
Signatures: 1
Duration: 150 seconds

Behavioral task: behavioral2
Sample: 0547ed3c990d284f95ff5f31b203cde3.dll
Resource: win10v2004-20231222-en
Signatures: 1
Duration: 150 seconds
General
Target: 0547ed3c990d284f95ff5f31b203cde3.dll
Size: 73KB
MD5: 0547ed3c990d284f95ff5f31b203cde3
SHA1: bb5fe3bee7d0c4f73a4a38851923ccbc8d1226e4
SHA256: 953b35b8147a7b0adf7234bc1c49180fa19a4780a554ab759684627285bfe757
SHA512: 65d11ab312d0b7a56066ed60d73698de6a849d531b750903ab0634d6455c078a8740dbd5b1f39e19987a9566cd3ef48f36a1f1a027b1052005a49d88ef746380
SSDEEP: 1536:dj+c2C7ZdUeZvziG9/vFD2q5YvCwS096BvII9ZHidw:d37ZdVZ79952qOCwSxtIGHidw
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)

description                        pid    Process        procid_target
PID 2372 wrote to memory of 1936   2372   rundll32.exe   75
PID 2372 wrote to memory of 1936   2372   rundll32.exe   75
PID 2372 wrote to memory of 1936   2372   rundll32.exe   75
Processes
C:\Windows\system32\rundll32.exe
  Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\0547ed3c990d284f95ff5f31b203cde3.dll,#1
  - Suspicious use of WriteProcessMemory
  PID: 2372
    C:\Windows\SysWOW64\rundll32.exe
      Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\0547ed3c990d284f95ff5f31b203cde3.dll,#1
      PID: 1936