fc2ee4afb5841c63a281b31f517005ee48746253a5400140163f69d38d95eb35

Analysis

max time kernel
118s
max time network
118s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
19-01-2024 11:10

Target

677a6ba82ea12d634230e404f3e3c5f8.dll
Size

28KB
MD5

677a6ba82ea12d634230e404f3e3c5f8
SHA1

1318a5134b80909c476483fee7fc6402485d0c7c
SHA256

fc2ee4afb5841c63a281b31f517005ee48746253a5400140163f69d38d95eb35
SHA512

cd0c4203e2c4d5986a6137117f5dbbe2f73383888e9717b3f5532bae7ac28fb9eda0cec0f42143a44c9dcce8a7c5cbedaadf57f4de205522ef2e6b0eed79ed41
SSDEEP

192:LSkPXDXshIfo5Txgx6qcNWmLpw6DILWnCwm63PtPsibP7rEMeDNAGSAuH:HXjoBNxgx6RIeHn3m63PtPTbPnEMKN

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2360 wrote to memory of 2392	2360	rundll32.exe	28
PID 2360 wrote to memory of 2392	2360	rundll32.exe	28
PID 2360 wrote to memory of 2392	2360	rundll32.exe	28
PID 2360 wrote to memory of 2392	2360	rundll32.exe	28
PID 2360 wrote to memory of 2392	2360	rundll32.exe	28
PID 2360 wrote to memory of 2392	2360	rundll32.exe	28
PID 2360 wrote to memory of 2392	2360	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\677a6ba82ea12d634230e404f3e3c5f8.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2360
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\677a6ba82ea12d634230e404f3e3c5f8.dll,#1
  2⤵
  PID:2392