Overview

overview

3

Static

static

3

1b0a88a2cb...44.dll

windows7-x64

1

1b0a88a2cb...44.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/12/2023, 14:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1b0a88a2cb8f530b49d8dfdef68bc944.dll

  • Size

    31KB

  • MD5

    1b0a88a2cb8f530b49d8dfdef68bc944

  • SHA1

    4641d0b0c5905b3e519822709b0cbf98ce38c659

  • SHA256

    55e99b9736bd284d3a013ec722ea03136bde7e602c97c841891b5337ba1ee5b8

  • SHA512

    dff436138b7ee72d70e13ebc614b6a87669f0e1f01249674e5acb77d7952138199b3f7f3566a2b5507cef339fe99fb7385af978e5e71c5289b313f6328df5c3b

  • SSDEEP

    768:qIJWA1CqWe0PamHQ267tM/AChqDERIEjN7:HkA1kPamM7tEhkYRIEjx

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\1b0a88a2cb8f530b49d8dfdef68bc944.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4996
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\1b0a88a2cb8f530b49d8dfdef68bc944.dll,#1
      2⤵
        PID:2356

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads