Analysis

  • max time kernel
    119s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-01-2024 12:02

General

  • Target

    d8e88cdf04222c6d214c2f835b25cf5e57e97607c54eddc6d25f1b6fbe298eaf.dll

  • Size

    51KB

  • MD5

    d2c176e9785de96fefe918b0748b7222

  • SHA1

    be96803f6428c7628402bc82576836215844dd16

  • SHA256

    d8e88cdf04222c6d214c2f835b25cf5e57e97607c54eddc6d25f1b6fbe298eaf

  • SHA512

    fbd481badaac379ee8ce0955f4cd0fb27f7accd26a64b414dbb2b3af7f5499bf76f7b5b42d6dd3db1583aaa083de6061f69dec695ac6285c0d979a5da351585c

  • SSDEEP

    768:3Er7XR1M6t6FikUE58ozVOB+6QcXn0cE5Y18BtrEZJjuSkwFOBezYsAMC6Hh4:3EXXM2HEhzVWKtrEZFxFOB7pMC6H

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\d8e88cdf04222c6d214c2f835b25cf5e57e97607c54eddc6d25f1b6fbe298eaf.dll,#1
    • Suspicious use of WriteProcessMemory
    PID:2040
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\d8e88cdf04222c6d214c2f835b25cf5e57e97607c54eddc6d25f1b6fbe298eaf.dll,#1
      • Suspicious behavior: RenamesItself
      PID:2760

Network

MITRE ATT&CK Matrix
