c903597424e503b136735888cb19ed641c9be6867cdbd0d67d71ae8a1b3ed0b7 | Triage

Analysis

max time kernel
120s
max time network
122s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
29/12/2023, 23:27

Sharing

Report Analysis Logs

General

Target

06e748f645c1c34ce7efff070b08f396.dll
Size

6KB
MD5

06e748f645c1c34ce7efff070b08f396
SHA1

6157f960a46170a1b4ed7f0b134436e1360c4c12
SHA256

c903597424e503b136735888cb19ed641c9be6867cdbd0d67d71ae8a1b3ed0b7
SHA512

c6b9bf5705f310c48f32e1a9d282aeb4fe7e476f2a0658b3cbef752a9b57419ed0d04e4ffd3ac9c8c68ad9b8d04b575dc99ac003cd9296a87d45add2252a8bf7
SSDEEP

48:6WQV5YVOqtV0H1pw9ygYVUG0rB+BDq9J5SC:8qtV0HAr42B+FqX5SC

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2208 wrote to memory of 2392	2208	rundll32.exe	14
PID 2208 wrote to memory of 2392	2208	rundll32.exe	14
PID 2208 wrote to memory of 2392	2208	rundll32.exe	14
PID 2208 wrote to memory of 2392	2208	rundll32.exe	14
PID 2208 wrote to memory of 2392	2208	rundll32.exe	14
PID 2208 wrote to memory of 2392	2208	rundll32.exe	14
PID 2208 wrote to memory of 2392	2208	rundll32.exe	14

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\06e748f645c1c34ce7efff070b08f396.dll,#1
1⤵
PID:2392

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\06e748f645c1c34ce7efff070b08f396.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2208

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads