Analysis
max time kernel
121s
max time network
129s
platform
windows7_x64
resource
win7-20231215-en
resource tags
arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
submitted
19-01-2024 12:31
Static task
static1
Behavioral task
behavioral1
Sample
67a2245688599b39c5c3aa1c85a416e2.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
67a2245688599b39c5c3aa1c85a416e2.exe
Resource
win10v2004-20231215-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/Install.dll
Resource
win7-20231215-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/Install.dll
Resource
win10v2004-20231215-en
General
Target
$PLUGINSDIR/Install.dll
Size
222KB
MD5
0f72144483574fb6b7d23834756fe3d3
SHA1
056ff7cc5e489e2107dc27c2fb72bded6e1e1637
SHA256
149d0184c0b080d753dc937e04f98077ec635437c523ab9acfd95ee0ed56d72c
SHA512
c3e9eaa7a0d62fb6d3179d2922f4613183193c23ab3a6533d2483631409f2e4e1a1905485ee608db1c519ce0b9d3361258e5c09a411f9f1e509a93daecef1250
SSDEEP
3072:06ZZMlxF6SjO0QAixbjs3Er8ZVFVrkOn2SyR+NmzLg+B5rQ1CXv:0KZmtFVri+2E+Q8v
Malware Config
Signatures
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target
PID 536 wrote to memory of 2288 536 rundll32.exe 28
PID 536 wrote to memory of 2288 536 rundll32.exe 28
PID 536 wrote to memory of 2288 536 rundll32.exe 28
PID 536 wrote to memory of 2288 536 rundll32.exe 28
PID 536 wrote to memory of 2288 536 rundll32.exe 28
PID 536 wrote to memory of 2288 536 rundll32.exe 28
PID 536 wrote to memory of 2288 536 rundll32.exe 28