41aa1b0dbfef744b0dc3220686cbec665762ff6ff91115ec5efa66de12ce6151 | Triage

Analysis

max time kernel
147s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
10/01/2024, 06:39

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

4fda7900c9ce28720b0b01edb545b36b.dll
Size

63KB
MD5

4fda7900c9ce28720b0b01edb545b36b
SHA1

4b070d22b4cfd9c2c4fcd5599c4d725f1486de57
SHA256

41aa1b0dbfef744b0dc3220686cbec665762ff6ff91115ec5efa66de12ce6151
SHA512

f81659237d86dd2aa3356175af51e204b6a411d47b5b290c6e680658c9ef1089e83d48358291f5ae3947bb37304f0eec241ff065bbafc5f9770685a50edfda19
SSDEEP

1536:Iq39gKHGA6d6qXuoUF2XGwScrVr7xLM+VT1YsAz:Iq3mKmAaD1y22wSce

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2412 wrote to memory of 1568	2412	rundll32.exe	14
PID 2412 wrote to memory of 1568	2412	rundll32.exe	14
PID 2412 wrote to memory of 1568	2412	rundll32.exe	14

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\4fda7900c9ce28720b0b01edb545b36b.dll,#1
1⤵
PID:1568

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\4fda7900c9ce28720b0b01edb545b36b.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2412

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads