57962dd9e60c3789bc95eb3d25029747e6aae9f4c5a3724e26d077d894636fd0

Analysis

max time kernel
148s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
31/12/2023, 12:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

367b0fc0fd4c61e396cc41fb6640bf9d.dll
Size

9KB
MD5

367b0fc0fd4c61e396cc41fb6640bf9d
SHA1

ba69ba4eb5b0075ebf8a8b4911ce8616d47e3c57
SHA256

57962dd9e60c3789bc95eb3d25029747e6aae9f4c5a3724e26d077d894636fd0
SHA512

a21879ed89e0e386d215aa9ed31e2c84268caa356271b781103ec104dfc882736308edb7054e2c229828f8779f4b4e60fbc014bcb54664fe8ec170ea6fd00d93
SSDEEP

96:Hv8AvH3Y0CisykOvOW51CZeLeJI1Jrjplg50WxaQHX3x5tUMDvA4HPtyo7blqffG:P84Vk4jQeL0YljpinX3nA40fGkg

Score

8^/10

persistence

Malware Config

Signatures

Modifies AppInit DLL entries 2 TTPs
persistence

Registry Run Keys / Startup Folder
T1547.001

Modify Registry
T1112

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3412 wrote to memory of 2884	3412	rundll32.exe	87
PID 3412 wrote to memory of 2884	3412	rundll32.exe	87
PID 3412 wrote to memory of 2884	3412	rundll32.exe	87

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\367b0fc0fd4c61e396cc41fb6640bf9d.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3412
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\367b0fc0fd4c61e396cc41fb6640bf9d.dll,#1
  2⤵
  PID:2884

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Windows 7 deprecation

Loading Replay Monitor...