Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    17/01/2024, 21:31

General

  • Target

    6ca1e62a1bbdf9f732e6ec1c6c5bba8d17d30a3f1d1c9ecb1701732e0b561bec.dll

  • Size

    4.7MB

  • MD5

    a1fd01cbab62c691744f63c92349b2a8

  • SHA1

    2fa7d95b6ec0e5c7de21a28b310ebbbf5201d2fb

  • SHA256

    6ca1e62a1bbdf9f732e6ec1c6c5bba8d17d30a3f1d1c9ecb1701732e0b561bec

  • SHA512

    09584338601411bf112e40b6b03fc988803e21c06f5e22a832bbb0b917eb06d222c66f915678d9752b94b4fd4753a09476b3275fe6b8519542c1c4a6e6725fd8

  • SSDEEP

    98304:T6666666666666666666666666666666x666666666666666fwwwwwwwwwwwwwwh:KbW1wX2JGWc+nVt7Jmf5LOXxWMcvwYqF

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\6ca1e62a1bbdf9f732e6ec1c6c5bba8d17d30a3f1d1c9ecb1701732e0b561bec.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2480
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\6ca1e62a1bbdf9f732e6ec1c6c5bba8d17d30a3f1d1c9ecb1701732e0b561bec.dll,#1
      2⤵
        PID:2988

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads