40b5bdd7ee17ab51daadba1634b1d82e72e0056498f74b537e840392cfe5e23b

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
05-01-2024 11:42

Target

43990ec33a545d420507877ffb6c5338.dll
Size

123KB
MD5

43990ec33a545d420507877ffb6c5338
SHA1

94c260d97329e69e3c69727723a1d9ac5562444d
SHA256

40b5bdd7ee17ab51daadba1634b1d82e72e0056498f74b537e840392cfe5e23b
SHA512

7dc6764085d2c182e4804f9659464d38edf86546da2a29cadabc691686897ff9e5e5d8493982e5d0e7d3fa15f96c2f09fae0879c8dc3c706c479ec9c62ca5105
SSDEEP

1536:8iEYZMEYrvr9iwrPK1c/ohZN73K1QST9JLFPfWCnK4tgcE:8fYZ03wc/07an5xnK4S7

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2304 wrote to memory of 2312	2304	rundll32.exe	14
PID 2304 wrote to memory of 2312	2304	rundll32.exe	14
PID 2304 wrote to memory of 2312	2304	rundll32.exe	14
PID 2304 wrote to memory of 2312	2304	rundll32.exe	14
PID 2304 wrote to memory of 2312	2304	rundll32.exe	14
PID 2304 wrote to memory of 2312	2304	rundll32.exe	14
PID 2304 wrote to memory of 2312	2304	rundll32.exe	14

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\43990ec33a545d420507877ffb6c5338.dll,#1
1⤵
PID:2312

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\43990ec33a545d420507877ffb6c5338.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2304

memory/2312-0-0x0000000010000000-0x0000000010033000-memory.dmp

Filesize
204KB

Download
memory/2312-1-0x0000000010000000-0x0000000010033000-memory.dmp

Filesize
204KB

Download