ceabe5cc6233fbde4f9115c2860628058ae4bf96020f095ec314fcf6214e635e | Triage

Analysis

max time kernel
138s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
30-12-2023 13:50

Sharing

Report Analysis Logs

General

Target

1a9329f96654bece797058d4bcf09ffc.dll
Size

24KB
MD5

1a9329f96654bece797058d4bcf09ffc
SHA1

752cee72c92b146ec4089f0e4c3de39ee179a302
SHA256

ceabe5cc6233fbde4f9115c2860628058ae4bf96020f095ec314fcf6214e635e
SHA512

a80473a35b314f32dadfb20ba7d9b31c52c93edca3e9c70455ea348fe23ae2b3801c2c01b8c361e8d5f4773d24b9117e0a8d7ffc5ac0773db511cc61af3f8ed7
SSDEEP

192:jiCeWHkdsmsHmhJuBBQ6PRQkbcb60YwCa03:uC7HQ9FuBBQARQkIbZYK0

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4060 wrote to memory of 3600	4060	rundll32.exe	57
PID 4060 wrote to memory of 3600	4060	rundll32.exe	57
PID 4060 wrote to memory of 3600	4060	rundll32.exe	57

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\1a9329f96654bece797058d4bcf09ffc.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4060
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\1a9329f96654bece797058d4bcf09ffc.dll,#1
  2⤵
  PID:3600

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads