2fa89fc522f2a992343aa2799404fe682177cd6ffd8bc4b5fcbf62cfc285103a | Triage

Analysis

max time kernel
152s
max time network
194s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
18/01/2024, 23:33

Sharing

Report Analysis Logs

General

Target

6652fe203a1730d837bb00270afb212f.dll
Size

34KB
MD5

6652fe203a1730d837bb00270afb212f
SHA1

434a506ac0c21dea688c9be6e0e9de06077c932b
SHA256

2fa89fc522f2a992343aa2799404fe682177cd6ffd8bc4b5fcbf62cfc285103a
SHA512

891f55a089507e9535177e47f4af2cc910e5ef9341d01f2702c10ed14e0abc8c128ade018f10e22804718ba5f8ba6d7ff03e819ef7699f7aec50d3d32b4324db
SSDEEP

768:dh2apTenhq5FKoaRLwYJeSh9Z21EB9WQFrm:dQvnI5FKo0Lwwes9ZqKnFi

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/760-0-0x0000000010000000-0x000000001001A000-memory.dmp	upx
behavioral2/memory/760-1-0x0000000010000000-0x000000001001A000-memory.dmp	upx
behavioral2/memory/760-2-0x0000000010000000-0x000000001001A000-memory.dmp	upx

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2068 wrote to memory of 760	2068	rundll32.exe	88
PID 2068 wrote to memory of 760	2068	rundll32.exe	88
PID 2068 wrote to memory of 760	2068	rundll32.exe	88

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\6652fe203a1730d837bb00270afb212f.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2068
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\6652fe203a1730d837bb00270afb212f.dll,#1
  2⤵
  PID:760

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/760-0-0x0000000010000000-0x000000001001A000-memory.dmp

Filesize
104KB

Download
memory/760-1-0x0000000010000000-0x000000001001A000-memory.dmp

Filesize
104KB

Download
memory/760-2-0x0000000010000000-0x000000001001A000-memory.dmp

Filesize
104KB

Download