558297dfe47aa72908232fcf47283ab9f3f68c65800705c5433516e943cc30ca

Analysis

max time kernel
143s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
30/12/2023, 01:02

Target

096a8fac677bf4f943063c72569eb104.dll
Size

89KB
MD5

096a8fac677bf4f943063c72569eb104
SHA1

cf24c378efddb87c805f41405d110aab389f29a8
SHA256

558297dfe47aa72908232fcf47283ab9f3f68c65800705c5433516e943cc30ca
SHA512

b4ef64502f247875d5af2600a9f13e94a420d037b71c2b388cffadf7e309c2c840da10bdb2f48bdfc150bea79e0abaeba681ee5d3a37a573b1649b72a0448b76
SSDEEP

1536:ukuZcOnTIQTiOobuM03cxMlub4goNFKrGK9+LVHYVHWVZAT:KZcHQfTd3cxx8gkIT

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2316 wrote to memory of 428	2316	rundll32.exe	86
PID 2316 wrote to memory of 428	2316	rundll32.exe	86
PID 2316 wrote to memory of 428	2316	rundll32.exe	86

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\096a8fac677bf4f943063c72569eb104.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2316
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\096a8fac677bf4f943063c72569eb104.dll,#1
  2⤵
  PID:428