f9d807d9c5bdefd6d18ab3419a11b93146b7cf2a6d17679b217de8cfa479966a

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
07/01/2024, 00:50

Target

4799baf7455d42bd79a83f408b189fe7.dll
Size

52KB
MD5

4799baf7455d42bd79a83f408b189fe7
SHA1

325d45003f80a4a65ad69b46277dd33297243167
SHA256

f9d807d9c5bdefd6d18ab3419a11b93146b7cf2a6d17679b217de8cfa479966a
SHA512

f911bc2a8e322d606b7fefa6f69849ac07d663913aa11f97115dff607e9c9cf31fae10868b543fe5898192e4b98b1eee01e39bfec828d92da87e9c661afbe4d1
SSDEEP

192:nrlEAx6mcYW+BUxbEYBEAx6mcYW+BUxbEY1eyyvjrFXS/FfkxEc1ubR5BenPqZyg:5EAxEOYBEAxEOYVy7VS/FeEc1crePr

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/1572-0-0x0000000021760000-0x000000002176D000-memory.dmp	upx

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2476 wrote to memory of 1572	2476	rundll32.exe	15
PID 2476 wrote to memory of 1572	2476	rundll32.exe	15
PID 2476 wrote to memory of 1572	2476	rundll32.exe	15
PID 2476 wrote to memory of 1572	2476	rundll32.exe	15
PID 2476 wrote to memory of 1572	2476	rundll32.exe	15
PID 2476 wrote to memory of 1572	2476	rundll32.exe	15
PID 2476 wrote to memory of 1572	2476	rundll32.exe	15

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\4799baf7455d42bd79a83f408b189fe7.dll,#1
1⤵
PID:1572

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\4799baf7455d42bd79a83f408b189fe7.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2476

memory/1572-3-0x0000000021760000-0x000000002176D000-memory.dmp

Filesize
52KB

Download
memory/1572-2-0x0000000021760000-0x000000002176D000-memory.dmp

Filesize
52KB

Download
memory/1572-1-0x0000000021760000-0x000000002176D000-memory.dmp

Filesize
52KB

Download
memory/1572-0-0x0000000021760000-0x000000002176D000-memory.dmp

Filesize
52KB

Download