2c83e7b62232437c16f4e39d99e43acca1815c4f35347cff291ebc010a77f9f8 | Triage

Analysis

max time kernel
126s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
30/12/2023, 12:50

Sharing

Report Analysis Logs

General

Target

190b672bf672c08e2ba17be839553741.dll
Size

3KB
MD5

190b672bf672c08e2ba17be839553741
SHA1

995cd22ac13895f51d4ee285d677cb887dc913ca
SHA256

2c83e7b62232437c16f4e39d99e43acca1815c4f35347cff291ebc010a77f9f8
SHA512

23513aaa82d51e383e45d9a5d270b473c0deb8d2614a0782c5ff38fb54e0533a74d200969dc3bc4ee1019e1ceb1e5fe4c8237643713c39c76b15ab7c8af81bbc

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4388 wrote to memory of 1828	4388	rundll32.exe	14
PID 4388 wrote to memory of 1828	4388	rundll32.exe	14
PID 4388 wrote to memory of 1828	4388	rundll32.exe	14

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\190b672bf672c08e2ba17be839553741.dll,#1
1⤵
PID:1828

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\190b672bf672c08e2ba17be839553741.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4388

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads