Analysis
max time kernel: 120s
max time network: 124s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 25-01-2024 15:55
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
738939864677c5a7e3d6f418f1715ceb2281342dc76b4e09439ade70e391a27f.dll
Resource
win7-20231215-en
windows7-x64
1 signatures
150 seconds
General
Target: 738939864677c5a7e3d6f418f1715ceb2281342dc76b4e09439ade70e391a27f.dll
Size: 2.6MB
MD5: 6f55bfcf1b3ae4fb0decb7fc5cd52d5f
SHA1: 3c9f89365e66e7bb5154a03d3400813954e91759
SHA256: 738939864677c5a7e3d6f418f1715ceb2281342dc76b4e09439ade70e391a27f
SHA512: 9b69917b29983f9caa364481410f331198e6ac1a549f990448732cff703f787765cfc9548af5fa31d4264a620c09d67254c5feab6152243636ed45c90d88f59e
SSDEEP: 49152:n3UxxpEk/xHCyOhoZRfg2yx6reVbTDa0T/:nyTEk/xHCyOgze
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe
description                        pid    process        target process
PID 2208 wrote to memory of 2760   2208   rundll32.exe   rundll32.exe
PID 2208 wrote to memory of 2760   2208   rundll32.exe   rundll32.exe
PID 2208 wrote to memory of 2760   2208   rundll32.exe   rundll32.exe
PID 2208 wrote to memory of 2760   2208   rundll32.exe   rundll32.exe
PID 2208 wrote to memory of 2760   2208   rundll32.exe   rundll32.exe
PID 2208 wrote to memory of 2760   2208   rundll32.exe   rundll32.exe
PID 2208 wrote to memory of 2760   2208   rundll32.exe   rundll32.exe
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\738939864677c5a7e3d6f418f1715ceb2281342dc76b4e09439ade70e391a27f.dll,#1
- Suspicious use of WriteProcessMemory
PID: 2208
    C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\738939864677c5a7e3d6f418f1715ceb2281342dc76b4e09439ade70e391a27f.dll,#1
    PID: 2760