Overview

overview

3

Static

static

3

7368259438...80.dll

windows7-x64

1

7368259438...80.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    91s
  • max time network
    123s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-01-2024 01:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7368259438047248f1e6a14875a37b80.dll

  • Size

    722KB

  • MD5

    7368259438047248f1e6a14875a37b80

  • SHA1

    cfa7a2d9f21abe60e92165f95c237413308e882c

  • SHA256

    dbbfb307ba7fed922dcbcbde4d192d6124132206e4df2e4ebb9a100d2cdccdab

  • SHA512

    46c00facea3d6a25efab15e2c189d0ddc2ba168a687ff60e7f794282eb07562113929ed5aa7141e9aebbb6709174e02bef3c0d6663e8476fb558c548f3b4b400

  • SSDEEP

    6144:jA7y9eOJ/as1u504T7vC2IQhhQ4tkmakumSLNQQqY/3cgxY/pD6qFXMyvOU4GwcX:jSy9eO/asYrIUhntkmazK+0qY56EXndr

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\7368259438047248f1e6a14875a37b80.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3412
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\7368259438047248f1e6a14875a37b80.dll,#1
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of SetWindowsHookEx
      PID:2512

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads