Overview

overview

3

Static

static

3

564db4dbfb...f0.dll

windows7-x64

1

564db4dbfb...f0.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/01/2024, 11:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    564db4dbfb0b4978c87b34b9e16b45f0.dll

  • Size

    23KB

  • MD5

    564db4dbfb0b4978c87b34b9e16b45f0

  • SHA1

    640983fc4e37265cc3e4613333abd4db3104d60c

  • SHA256

    2cebcfc204a56d98a7f73e9cce9f27fcf4245e62df0dec296867bf543e8d9a6f

  • SHA512

    2192f3dc58b055a0e0ed600dd6297e18a91eae0ca13e326eada91b1cd2a2507545ba908da26a5ef4d84742c5d9e8ea8e65e842cdd74aa96c0028f631f2715713

  • SSDEEP

    384:LqShFCmEAE2q2ejPAo6bm71lIYGF4KRqDpgK+pjKUQWmANW6o1w:LqSjClGbmfIFFtRKpgKEjKU95oC

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\564db4dbfb0b4978c87b34b9e16b45f0.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:552
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\564db4dbfb0b4978c87b34b9e16b45f0.dll,#1
      2⤵
      • Suspicious use of SetWindowsHookEx
      PID:4704

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads