Analysis
- max time kernel: 152s
- max time network: 81s
- platform: windows10-2004_x64
- resource: win10v2004-20231215-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 31/12/2023, 00:55
Static task: static1
- 1 signatures
Behavioral task: behavioral1
- Sample: 22539ddf86951ec8832c25ee6077d7f1.dll
- Resource: win7-20231215-en
- 1 signatures
- 150 seconds
Behavioral task: behavioral2
- Sample: 22539ddf86951ec8832c25ee6077d7f1.dll
- Resource: win10v2004-20231215-en
- 1 signatures
- 150 seconds
General
- Target: 22539ddf86951ec8832c25ee6077d7f1.dll
- Size: 28KB
- MD5: 22539ddf86951ec8832c25ee6077d7f1
- SHA1: b577f017e52727ac90c290d1c7898e1504e44daf
- SHA256: be96b921a55900786c25da1e181582a9afc2dc758c457d789761c2e2e447bf8c
- SHA512: fcab2655c5c430192a41b2609a4d85bceebb27ee9f75867a77cbb9f6c6a79632863cf70dc6199b205ced356a51bbe3c7a46e31b8685e02a9065b352b38a6d92e
- SSDEEP: 384:EGiVZZKRcliAigqCsSmzHtTfTWdTN9W13Z:ua9zgq5SmjtTfTWdTN9Wz
Score: 1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
  description | pid | Process | procid_target
  PID 4976 wrote to memory of 2560 | 4976 | rundll32.exe | 14
  PID 4976 wrote to memory of 2560 | 4976 | rundll32.exe | 14
  PID 4976 wrote to memory of 2560 | 4976 | rundll32.exe | 14
Processes
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\22539ddf86951ec8832c25ee6077d7f1.dll,#11
  PID:2560
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\22539ddf86951ec8832c25ee6077d7f1.dll,#11
  - Suspicious use of WriteProcessMemory
  PID:4976