7811b13b7b8c5530cef46e3d91e9f37a560e747124d9769d31cee382507ee51f | Triage

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
31/12/2023, 01:40

Sharing

Report Analysis Logs

General

Target

2318aa32f991e6f714d0746871272c75.dll
Size

16KB
MD5

2318aa32f991e6f714d0746871272c75
SHA1

8e0eaaa7af8bbe5a226302fa386023cc1d0b750d
SHA256

7811b13b7b8c5530cef46e3d91e9f37a560e747124d9769d31cee382507ee51f
SHA512

5aa8ebed58343ba4f5409b1c9f05e883cd48979fa269976fdf0e716e15450790625f24a8dad56d0308d1eff9a7067e938d755bd3ffaf03e647bba69debd210ed
SSDEEP

384:LVG/sgKoB3WGn3AnpG9Ok87I2EZsZsNfrnUMZU:LVosgd3WC9/2EZcsZrUN

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2248 wrote to memory of 2964	2248	rundll32.exe	15
PID 2248 wrote to memory of 2964	2248	rundll32.exe	15
PID 2248 wrote to memory of 2964	2248	rundll32.exe	15
PID 2248 wrote to memory of 2964	2248	rundll32.exe	15
PID 2248 wrote to memory of 2964	2248	rundll32.exe	15
PID 2248 wrote to memory of 2964	2248	rundll32.exe	15
PID 2248 wrote to memory of 2964	2248	rundll32.exe	15

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\2318aa32f991e6f714d0746871272c75.dll,#1
1⤵
PID:2964

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\2318aa32f991e6f714d0746871272c75.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2248

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads