be96b921a55900786c25da1e181582a9afc2dc758c457d789761c2e2e447bf8c | Triage

Analysis

max time kernel
152s
max time network
81s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
31/12/2023, 00:55

Sharing

Report Analysis Logs

General

Target

22539ddf86951ec8832c25ee6077d7f1.dll
Size

28KB
MD5

22539ddf86951ec8832c25ee6077d7f1
SHA1

b577f017e52727ac90c290d1c7898e1504e44daf
SHA256

be96b921a55900786c25da1e181582a9afc2dc758c457d789761c2e2e447bf8c
SHA512

fcab2655c5c430192a41b2609a4d85bceebb27ee9f75867a77cbb9f6c6a79632863cf70dc6199b205ced356a51bbe3c7a46e31b8685e02a9065b352b38a6d92e
SSDEEP

384:EGiVZZKRcliAigqCsSmzHtTfTWdTN9W13Z:ua9zgq5SmjtTfTWdTN9Wz

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4976 wrote to memory of 2560	4976	rundll32.exe	14
PID 4976 wrote to memory of 2560	4976	rundll32.exe	14
PID 4976 wrote to memory of 2560	4976	rundll32.exe	14

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\22539ddf86951ec8832c25ee6077d7f1.dll,#1
1⤵
PID:2560

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\22539ddf86951ec8832c25ee6077d7f1.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4976

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads