be96b921a55900786c25da1e181582a9afc2dc758c457d789761c2e2e447bf8c | Triage

Analysis

max time kernel
121s
max time network
125s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
31/12/2023, 00:55

Sharing

Report Analysis Logs

General

Target

22539ddf86951ec8832c25ee6077d7f1.dll
Size

28KB
MD5

22539ddf86951ec8832c25ee6077d7f1
SHA1

b577f017e52727ac90c290d1c7898e1504e44daf
SHA256

be96b921a55900786c25da1e181582a9afc2dc758c457d789761c2e2e447bf8c
SHA512

fcab2655c5c430192a41b2609a4d85bceebb27ee9f75867a77cbb9f6c6a79632863cf70dc6199b205ced356a51bbe3c7a46e31b8685e02a9065b352b38a6d92e
SSDEEP

384:EGiVZZKRcliAigqCsSmzHtTfTWdTN9W13Z:ua9zgq5SmjtTfTWdTN9Wz

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2136 wrote to memory of 2708	2136	rundll32.exe	16
PID 2136 wrote to memory of 2708	2136	rundll32.exe	16
PID 2136 wrote to memory of 2708	2136	rundll32.exe	16
PID 2136 wrote to memory of 2708	2136	rundll32.exe	16
PID 2136 wrote to memory of 2708	2136	rundll32.exe	16
PID 2136 wrote to memory of 2708	2136	rundll32.exe	16
PID 2136 wrote to memory of 2708	2136	rundll32.exe	16

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\22539ddf86951ec8832c25ee6077d7f1.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2136
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\22539ddf86951ec8832c25ee6077d7f1.dll,#1
  2⤵
  PID:2708

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads