17b804e74add38941e154d67481907433c51b92e14decf4cf68e1c4052c6e91c

Analysis

max time kernel
122s
max time network
126s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
31/12/2023, 00:42

Target

221aacab50811d6b3aa3437980bd67e6.dll
Size

208KB
MD5

221aacab50811d6b3aa3437980bd67e6
SHA1

a9bd404f576d7bf8911ce6c067c16819d355e2d7
SHA256

17b804e74add38941e154d67481907433c51b92e14decf4cf68e1c4052c6e91c
SHA512

d1940ecf0a0abd0ea3ba8f6b1fb209a19f5762ca96bedaadeb1f1f22a3ff2bfb53319ebeb7b978361421c63eedabd568d3cf15f3ec106de76225d25ed96aff04
SSDEEP

3072:IRDonnJTeXlRwc6619ib2SQgkzW5SsGAvNmft6sKiTgHzv/Q1B2Vyg27WQmo+C+a:YUnnJTeXQcl9i/kzWrGQNImD8nxMM

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2596 wrote to memory of 2588	2596	rundll32.exe	29
PID 2596 wrote to memory of 2588	2596	rundll32.exe	29
PID 2596 wrote to memory of 2588	2596	rundll32.exe	29
PID 2596 wrote to memory of 2588	2596	rundll32.exe	29
PID 2596 wrote to memory of 2588	2596	rundll32.exe	29
PID 2596 wrote to memory of 2588	2596	rundll32.exe	29
PID 2596 wrote to memory of 2588	2596	rundll32.exe	29

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\221aacab50811d6b3aa3437980bd67e6.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2596
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\221aacab50811d6b3aa3437980bd67e6.dll,#1
  2⤵
  PID:2588

memory/2588-1-0x0000000074C40000-0x0000000074C76000-memory.dmp

Filesize
216KB

Download
memory/2588-2-0x00000000001A0000-0x00000000001AF000-memory.dmp

Filesize
60KB

Download
memory/2588-0-0x00000000001B0000-0x00000000001BE000-memory.dmp

Filesize
56KB

Download
memory/2588-3-0x00000000001B0000-0x00000000001BE000-memory.dmp

Filesize
56KB

Download
memory/2588-4-0x0000000074C40000-0x0000000074C76000-memory.dmp

Filesize
216KB

Download
memory/2588-6-0x00000000001A0000-0x00000000001AF000-memory.dmp

Filesize
60KB

Download