a52c6f1af498995cfcf8c300e69b4786c03b461cbbde889b241122ff936c110b

Analysis

max time kernel
122s
max time network
125s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
13-01-2024 02:57

Target

57cd01af58b59f42cbd5f1ca19c33d98.dll
Size

6KB
MD5

57cd01af58b59f42cbd5f1ca19c33d98
SHA1

2b0c7964d2c9b4b061c4a303719874a31077480a
SHA256

a52c6f1af498995cfcf8c300e69b4786c03b461cbbde889b241122ff936c110b
SHA512

b668ec13546fe799c71961e5fb28d5ae0543c03b5327f85042f020bb1f2cf3a2c6048e7e8c152fee34a94efbd113f1452e54f31a667a50bfc18c032650e58848
SSDEEP

96:RYycg4d3MQscC9FPP+Je1nhDidglxoyOYGrvKFaTR7yLdcApxppVSz:R14dcQqQeRli8x5/GriQMxH

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2228 wrote to memory of 2760	2228	rundll32.exe	28
PID 2228 wrote to memory of 2760	2228	rundll32.exe	28
PID 2228 wrote to memory of 2760	2228	rundll32.exe	28
PID 2228 wrote to memory of 2760	2228	rundll32.exe	28
PID 2228 wrote to memory of 2760	2228	rundll32.exe	28
PID 2228 wrote to memory of 2760	2228	rundll32.exe	28
PID 2228 wrote to memory of 2760	2228	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\57cd01af58b59f42cbd5f1ca19c33d98.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2228
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\57cd01af58b59f42cbd5f1ca19c33d98.dll,#1
  2⤵
  PID:2760

memory/2760-0-0x00000000000A0000-0x00000000000A2000-memory.dmp

Filesize
8KB

Download
memory/2760-1-0x00000000000A0000-0x00000000000A2000-memory.dmp

Filesize
8KB

Download