Analysis
-
max time kernel
117s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
25-01-2024 15:59
General
-
Target
74ea99b770ec897229cb68a9d3485124.dll
-
Size
187KB
-
MD5
74ea99b770ec897229cb68a9d3485124
-
SHA1
0b41cc1840245014269bf8e6eb8d6934f3c34f74
-
SHA256
fd17760f03a63db0ba505e6b3226df61d57e0c204c34ca0ae8a417e514ee3789
-
SHA512
751eda44efc0fe38d601560403a9455c1caf0fd6f27ffadd7d5e3ef401e36fdfab633697a8e2998985b55888eaa779a272da00b73100ac1f72f91eac9968dd07
-
SSDEEP
3072:kefHzBFh6U7AtrlGg2ixOJt52UsOTlv1afwC/0q3gSXPEzERxniNN1T:kefHzBFl7AtrlgJt5dTLafL8WFx4
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\74ea99b770ec897229cb68a9d3485124.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\74ea99b770ec897229cb68a9d3485124.dll,#12⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1148-0-0x0000000000230000-0x0000000000276000-memory.dmpFilesize
280KB
-
memory/1148-1-0x00000000002E0000-0x0000000000326000-memory.dmpFilesize
280KB
-
memory/1148-2-0x0000000000230000-0x0000000000276000-memory.dmpFilesize
280KB
-
memory/1148-3-0x00000000001B0000-0x00000000001D6000-memory.dmpFilesize
152KB
-
memory/1148-4-0x00000000002E0000-0x0000000000326000-memory.dmpFilesize
280KB