cbc2398a7e8728ad89ee0f01df79f60dec62e7a4aecd71e3856ff2b3bccb7fc1

Analysis

max time kernel
120s
max time network
120s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
25-01-2024 15:52

Target

cbc2398a7e8728ad89ee0f01df79f60dec62e7a4aecd71e3856ff2b3bccb7fc1.dll
Size

724KB
MD5

39cf448c556a2cd2aa1cb6e6220857e9
SHA1

bd5001edefca0bcef3ec3cec39c999cdf25d2ff8
SHA256

cbc2398a7e8728ad89ee0f01df79f60dec62e7a4aecd71e3856ff2b3bccb7fc1
SHA512

4ff1e1fb3f31abfc41583c92f7db3fc19a71383bed39be3b7c6f9cabab40d575ebaf575bca18d343862ff33e445c2122823bea489b8f90b3ee88a1e81069b1d3
SSDEEP

12288:qlsyXE2GemaPufRhta1ioZ4/H3KsUbTNwHP:qlsyXE2G3aUwZLbTuH

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 2348 wrote to memory of 1696	2348	rundll32.exe	rundll32.exe
PID 2348 wrote to memory of 1696	2348	rundll32.exe	rundll32.exe
PID 2348 wrote to memory of 1696	2348	rundll32.exe	rundll32.exe
PID 2348 wrote to memory of 1696	2348	rundll32.exe	rundll32.exe
PID 2348 wrote to memory of 1696	2348	rundll32.exe	rundll32.exe
PID 2348 wrote to memory of 1696	2348	rundll32.exe	rundll32.exe
PID 2348 wrote to memory of 1696	2348	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2398a7e8728ad89ee0f01df79f60dec62e7a4aecd71e3856ff2b3bccb7fc1.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2348

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\cbc2398a7e8728ad89ee0f01df79f60dec62e7a4aecd71e3856ff2b3bccb7fc1.dll,#1
2⤵
PID:1696