f551fb19367ccf32e5f054d30e10274585863ea0460075e0bc048f5c086e1d12

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25-01-2024 15:52

Target

f551fb19367ccf32e5f054d30e10274585863ea0460075e0bc048f5c086e1d12.dll
Size

691KB
MD5

c8f5a249eb9af0f83c34eb1a3dc8e477
SHA1

3c51c975ee3db4f64f643ff70f2d72650a8414c8
SHA256

f551fb19367ccf32e5f054d30e10274585863ea0460075e0bc048f5c086e1d12
SHA512

f98422f0f7419bd44af2d75520fa281f87bef62ea8c809e3f11968230e7fd9486849de997ad81f9d740a9cf69fed79c4d9591c977fefdc586589590d9d622b61
SSDEEP

12288:o1C1YgDBIuKofa3MlF8oQtqhGsZNEgp016UbTNwHP:o1C1YgDBIuK13vrsZAbTuH

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 2144 wrote to memory of 2056	2144	rundll32.exe	rundll32.exe
PID 2144 wrote to memory of 2056	2144	rundll32.exe	rundll32.exe
PID 2144 wrote to memory of 2056	2144	rundll32.exe	rundll32.exe
PID 2144 wrote to memory of 2056	2144	rundll32.exe	rundll32.exe
PID 2144 wrote to memory of 2056	2144	rundll32.exe	rundll32.exe
PID 2144 wrote to memory of 2056	2144	rundll32.exe	rundll32.exe
PID 2144 wrote to memory of 2056	2144	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\f551fb19367ccf32e5f054d30e10274585863ea0460075e0bc048f5c086e1d12.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2144

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\f551fb19367ccf32e5f054d30e10274585863ea0460075e0bc048f5c086e1d12.dll,#1
2⤵
PID:2056