Analysis
max time kernel: 118s
max time network: 121s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 25-01-2024 16:00
Static task
static1: 1 signatures
Behavioral task
behavioral1
Sample: cce784c7d78bed0b40fee05b25279e6a5994f5038a1a2cd49bf79b0d23ce335c.dll
Resource: win7-20231215-en, windows7-x64
1 signatures
150 seconds
General
Target: cce784c7d78bed0b40fee05b25279e6a5994f5038a1a2cd49bf79b0d23ce335c.dll
Size: 303KB
MD5: 256b69b5b8f58bdc5e876912325043f7
SHA1: 4c50f7728ae33839798501bd336d34f01a155ac2
SHA256: cce784c7d78bed0b40fee05b25279e6a5994f5038a1a2cd49bf79b0d23ce335c
SHA512: 085eb4a54f28523585b7a632fd2d9223c4d1de89b91df12da27461499838936a15b237b3894718c8458f90c4433e4726093d44ff60cd5acb1de7512ae4a1f89e
SSDEEP: 6144:cMZ12bIwkRECyewDDr/ygy1Da1GfQjj5Em:B12bIw8EH7P/yR1D+jj
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 2240 wrote to memory of 2012 | 2240 | rundll32.exe | rundll32.exe
PID 2240 wrote to memory of 2012 | 2240 | rundll32.exe | rundll32.exe
PID 2240 wrote to memory of 2012 | 2240 | rundll32.exe | rundll32.exe
PID 2240 wrote to memory of 2012 | 2240 | rundll32.exe | rundll32.exe
PID 2240 wrote to memory of 2012 | 2240 | rundll32.exe | rundll32.exe
PID 2240 wrote to memory of 2012 | 2240 | rundll32.exe | rundll32.exe
PID 2240 wrote to memory of 2012 | 2240 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\cce784c7d78bed0b40fee05b25279e6a5994f5038a1a2cd49bf79b0d23ce335c.dll,#1
  Suspicious use of WriteProcessMemory
  PID:2240
  - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\cce784c7d78bed0b40fee05b25279e6a5994f5038a1a2cd49bf79b0d23ce335c.dll,#1
    PID:2012