d333d8e163c7c63049309b516c5161b74356c360a02ddcb31c86e11cbf8b8e87 | Triage

Analysis

max time kernel
142s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
30/12/2023, 04:29

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

0e809ca1626cc8b78e18ffe2790e90a2.dll
Size

3KB
MD5

0e809ca1626cc8b78e18ffe2790e90a2
SHA1

4ffec90df91a613e1dcba1cbaf41114b67370cab
SHA256

d333d8e163c7c63049309b516c5161b74356c360a02ddcb31c86e11cbf8b8e87
SHA512

60ae6e0ff5ad8ef3a8194a711ba5d5c4619b1735bc68eb261248b3378dc81d8c19382855a702f4221fa092cede17b5c0b04e93e41b3c7ca6f8afeb11fcfa736b

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3304 wrote to memory of 5004	3304	rundll32.exe	19
PID 3304 wrote to memory of 5004	3304	rundll32.exe	19
PID 3304 wrote to memory of 5004	3304	rundll32.exe	19

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\0e809ca1626cc8b78e18ffe2790e90a2.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3304
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\0e809ca1626cc8b78e18ffe2790e90a2.dll,#1
  2⤵
  PID:5004

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads