Analysis

  • max time kernel
    121s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    19-01-2024 12:31

General

  • Target

    $PLUGINSDIR/Install.dll

  • Size

    222KB

  • MD5

    0f72144483574fb6b7d23834756fe3d3

  • SHA1

    056ff7cc5e489e2107dc27c2fb72bded6e1e1637

  • SHA256

    149d0184c0b080d753dc937e04f98077ec635437c523ab9acfd95ee0ed56d72c

  • SHA512

    c3e9eaa7a0d62fb6d3179d2922f4613183193c23ab3a6533d2483631409f2e4e1a1905485ee608db1c519ce0b9d3361258e5c09a411f9f1e509a93daecef1250

  • SSDEEP

    3072:06ZZMlxF6SjO0QAixbjs3Er8ZVFVrkOn2SyR+NmzLg+B5rQ1CXv:0KZmtFVri+2E+Q8v

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Install.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:536
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Install.dll,#1
      2⤵
        PID:2288

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads