57e03405d2803134dfa0a52ad77943c66833d7831b8a793eb1f5c3f8d9e4947c | Triage

Analysis

max time kernel
148s
max time network
126s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
06/01/2024, 09:14

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

45dae7e84421a8355d34f6d7d4d8f1d7.dll
Size

921KB
MD5

45dae7e84421a8355d34f6d7d4d8f1d7
SHA1

35d155c33046018dc673cf91b055e72ad9eb7ffb
SHA256

57e03405d2803134dfa0a52ad77943c66833d7831b8a793eb1f5c3f8d9e4947c
SHA512

ec52adb7c55bbc97f6546fadb65c39d6a1cca4df9b2c705e02b953ebed6b74843b5a2c34c408e5235719a1bc8e1012b8b57482644fe1327d004ebf9f3957a245
SSDEEP

24576:cob0MfIYtVYT3OUvFQDO8iAXrcL9xuWXtsSE:cob0zVQDO8iYrcLCWXtsSE

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3196 wrote to memory of 2204	3196	rundll32.exe	14
PID 3196 wrote to memory of 2204	3196	rundll32.exe	14
PID 3196 wrote to memory of 2204	3196	rundll32.exe	14

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\45dae7e84421a8355d34f6d7d4d8f1d7.dll,#1
1⤵
PID:2204

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\45dae7e84421a8355d34f6d7d4d8f1d7.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3196

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads