Analysis
max time kernel: 120s
max time network: 142s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 06-01-2024 04:29
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
454908e620c33ca3e631a6334e8b1ff1.dll
Resource
win7-20231215-en
windows7-x64
1 signatures
150 seconds
General
Target: 454908e620c33ca3e631a6334e8b1ff1.dll
Size: 544KB
MD5: 454908e620c33ca3e631a6334e8b1ff1
SHA1: 50f292391060ff4d772a4fd695f9eba8432a8fd8
SHA256: 0a3bc15ceb80f700d80b7d651ff378cf407c239f3e513e3bc9bd854f82f7e22c
SHA512: 0e3165221a8f751c2e54e40d5ffa2012b43535f19bf89a0d6b7f7ec287546e1312c6c43759bd2cc97ad4bc0e9fcc622dbc42b5c7a7f17f2794f1101607de6ca7
SSDEEP: 12288:rqru80paIRPWxvFzhzFIko/IcYrIAfDE0cb1Yklllll/lllll7K10QUNI0H:rs0IIFWx9zlFIko/DY8kcbHlllll/llH
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 2776 wrote to memory of 2796 | 2776 | rundll32.exe | rundll32.exe
PID 2776 wrote to memory of 2796 | 2776 | rundll32.exe | rundll32.exe
PID 2776 wrote to memory of 2796 | 2776 | rundll32.exe | rundll32.exe
PID 2776 wrote to memory of 2796 | 2776 | rundll32.exe | rundll32.exe
PID 2776 wrote to memory of 2796 | 2776 | rundll32.exe | rundll32.exe
PID 2776 wrote to memory of 2796 | 2776 | rundll32.exe | rundll32.exe
PID 2776 wrote to memory of 2796 | 2776 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\454908e620c33ca3e631a6334e8b1ff1.dll,#11
  - Suspicious use of WriteProcessMemory
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\454908e620c33ca3e631a6334e8b1ff1.dll,#12