90429fb21a0181e683ee7c05db43aa1d081ef518692eb7ccd49b2bef061c5897

Analysis

max time kernel
148s
max time network
60s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
09/01/2024, 04:59

Target

4d65fe9e9386c0cb7eff12fc146d86ac.dll
Size

60KB
MD5

4d65fe9e9386c0cb7eff12fc146d86ac
SHA1

ea66e4de4e6230e8cace2bff9fe86f0061712741
SHA256

90429fb21a0181e683ee7c05db43aa1d081ef518692eb7ccd49b2bef061c5897
SHA512

aed794dc152e645c8d95f99cac72c05221db19520b6cf057bb59105acf56f4a202d07671a648716d5ad90e6081bfd47ca0123867846430b0a467caa8798512b1
SSDEEP

1536:iUtu2nTL+4XtcFhDpeFiZ6uxWjJ6ka6zoLL1qFZVF3:iUtu2TL+KtcFh6IWjk6zoLL1SZVN

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 868 wrote to memory of 1748	868	rundll32.exe	14
PID 868 wrote to memory of 1748	868	rundll32.exe	14
PID 868 wrote to memory of 1748	868	rundll32.exe	14

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\4d65fe9e9386c0cb7eff12fc146d86ac.dll,#1
1⤵
PID:1748

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\4d65fe9e9386c0cb7eff12fc146d86ac.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:868