Overview

overview

3

Static

static

3

cd4ec01f00...7d.dll

windows7-x64

1

cd4ec01f00...7d.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    93s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-01-2024 13:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cd4ec01f004f7065ae411fa864b28ba5ba235fa5a1668a1d4eb0b3dc3a794e7d.dll

  • Size

    397KB

  • MD5

    45ed0ca2ee4ba89a6d41ece3122dcf29

  • SHA1

    3b8806712fc32d8cd634fc825832bc6ac7391355

  • SHA256

    cd4ec01f004f7065ae411fa864b28ba5ba235fa5a1668a1d4eb0b3dc3a794e7d

  • SHA512

    0c6c598c07ba2646c389020371911b179e76e0b39d8bbb93fdc47e28de4040f2a3d519bc19bfcb280dc5361815ab310777268ac295e8c48ba4730d8981164332

  • SSDEEP

    6144:151sacsiu2LDeIHoMDIbGFtcEOkCybEaQRXr9HNdvOaB:174g2LDeiPDImOkx2LIaB

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\cd4ec01f004f7065ae411fa864b28ba5ba235fa5a1668a1d4eb0b3dc3a794e7d.dll,#1
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:116
  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\cd4ec01f004f7065ae411fa864b28ba5ba235fa5a1668a1d4eb0b3dc3a794e7d.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads