137241738cc010fc67104fcc46ad2bcd4b32528ed2b3b0657509d013a5db2ecd

Analysis

max time kernel
136s
max time network
145s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
06/01/2024, 13:47

Target

137241738cc010fc67104fcc46ad2bcd4b32528ed2b3b0657509d013a5db2ecd.dll
Size

51KB
MD5

69e36632bd416dd5901520673e2de862
SHA1

18f4745b9e7d3dba9f7d652481daa612726c7150
SHA256

137241738cc010fc67104fcc46ad2bcd4b32528ed2b3b0657509d013a5db2ecd
SHA512

3b4bfe711cc37ed93f5a9ed6f1559d29982b32c1599665279dccc9640db6b7ddd7726124c380f5cd7de820c37d0bf396e3c695a362cc47ed5ce926a0adb29e93
SSDEEP

768:3Er7XR1M6t6FikUE58ozVOB+6QcXn0cE5Y18BtrEZJjuSkwFOBezOsAMC6Hh4:3EXXM2HEhzVWKtrEZFxFOBppMC6H

Score

1^/10

Suspicious behavior: RenamesItself 1 IoCs

pid	Process
2732	rundll32.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3980 wrote to memory of 2732	3980	rundll32.exe	14
PID 3980 wrote to memory of 2732	3980	rundll32.exe	14
PID 3980 wrote to memory of 2732	3980	rundll32.exe	14

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\137241738cc010fc67104fcc46ad2bcd4b32528ed2b3b0657509d013a5db2ecd.dll,#1
1⤵
- Suspicious behavior: RenamesItself
PID:2732

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\137241738cc010fc67104fcc46ad2bcd4b32528ed2b3b0657509d013a5db2ecd.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3980