79fbc2fbb39adb1fa5d316057722fe2336fabc93a353a0fd473c72a1a07d81fd | Triage

Analysis

max time kernel
143s
max time network
107s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
30/12/2023, 01:17

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

09cff477a5a636a286ceaa2ee7a1eba4.dll
Size

10KB
MD5

09cff477a5a636a286ceaa2ee7a1eba4
SHA1

1c28baa013ac185104ede9082157009c4f480767
SHA256

79fbc2fbb39adb1fa5d316057722fe2336fabc93a353a0fd473c72a1a07d81fd
SHA512

43a2a833ef787916f019a0225429ff4ffa89b8a95c3e77a19a91158f8d00705f7e0f1c029731392e4a1ca85d1cf7bdaf834a3cc3a07222c192d78b9c00e48844
SSDEEP

192:ayQfTUX6tSTSSk8Qrwlo0pfKKJn23Iqq:ay0TUKtSTrktMlztc3I

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3988	rundll32.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4124 wrote to memory of 3988	4124	rundll32.exe	14
PID 4124 wrote to memory of 3988	4124	rundll32.exe	14
PID 4124 wrote to memory of 3988	4124	rundll32.exe	14

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\09cff477a5a636a286ceaa2ee7a1eba4.dll,#1
1⤵
- Suspicious use of SetWindowsHookEx
PID:3988

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\09cff477a5a636a286ceaa2ee7a1eba4.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4124

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads