2248250bbe25c29844c5582adbea43a563fb779b1a6b0bcde812f6bde5bd2890

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
11/01/2024, 18:43

Target

5449048771dcc1fac8f027267b01aa59.dll
Size

31KB
MD5

5449048771dcc1fac8f027267b01aa59
SHA1

8b8e75c7924be2f7e25142e621eb577c5cd3c03c
SHA256

2248250bbe25c29844c5582adbea43a563fb779b1a6b0bcde812f6bde5bd2890
SHA512

0cb0fa38c79b83b531b6b5495b50d6227cbbee798d38a87a80298cf07606e20b747be3622793beabf11370561d3e20c9f5dd85f73fa28a6481906da7f65a190b
SSDEEP

384:oBifNgGXNI/TGOCAxpSNzIi1H17ZFZVnrKIw6Et9MSiNxUNtkru5q1I+HsnYPLy8:o0fKGXNgSN0i1zJn2Iw6EtMgNtWC1N1Y

Score

1^/10

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2284	rundll32.exe

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2296 wrote to memory of 2284	2296	rundll32.exe	16
PID 2296 wrote to memory of 2284	2296	rundll32.exe	16
PID 2296 wrote to memory of 2284	2296	rundll32.exe	16
PID 2296 wrote to memory of 2284	2296	rundll32.exe	16
PID 2296 wrote to memory of 2284	2296	rundll32.exe	16
PID 2296 wrote to memory of 2284	2296	rundll32.exe	16
PID 2296 wrote to memory of 2284	2296	rundll32.exe	16

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\5449048771dcc1fac8f027267b01aa59.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2296
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\5449048771dcc1fac8f027267b01aa59.dll,#1
  2⤵
  - Suspicious use of SetWindowsHookEx
  PID:2284