Analysis
- max time kernel: 117s
- max time network: 118s
- platform: windows7_x64
- resource: win7-20231215-en
- resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
- submitted: 25-01-2024 16:02
Static task: static1, 1 signatures
Behavioral task: behavioral1
Sample
53105ad999deb86a620a5d68d6372191458fbe813d9527330d862c09b6c2b5fe.dll
Resource: win7-20231215-en, windows7-x64
1 signatures
150 seconds
General
- Target:
53105ad999deb86a620a5d68d6372191458fbe813d9527330d862c09b6c2b5fe.dll
- Size: 729KB
- MD5:
5c1db75119eb64df87b071fbe92d6ba2
- SHA1:
a21cc7b8d4c84d500d7d4b8eaf9e66bf8e92739b
- SHA256:
53105ad999deb86a620a5d68d6372191458fbe813d9527330d862c09b6c2b5fe
- SHA512:
632cc1136770bcee555539192e2019c6d423f898e5e3787cce1803b82e4ff5e127bebc3715e33ebec27e61f9960c3d66a377087d130a1919eb3b5861f5758acc
- SSDEEP:
12288:aCFaiyJm0cvoFTLi8Pmbt7YgQZTF72NSzdq9gg0P84Xel6+dSqrcAmXZ287VbMq8:hYih3uTRFFZrudx
Score: 1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory: 7 IoCs

Processes: rundll32.exe

description | pid | process | target process
PID 2108 wrote to memory of 2324 | 2108 | rundll32.exe | rundll32.exe
PID 2108 wrote to memory of 2324 | 2108 | rundll32.exe | rundll32.exe
PID 2108 wrote to memory of 2324 | 2108 | rundll32.exe | rundll32.exe
PID 2108 wrote to memory of 2324 | 2108 | rundll32.exe | rundll32.exe
PID 2108 wrote to memory of 2324 | 2108 | rundll32.exe | rundll32.exe
PID 2108 wrote to memory of 2324 | 2108 | rundll32.exe | rundll32.exe
PID 2108 wrote to memory of 2324 | 2108 | rundll32.exe | rundll32.exe

Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\53105ad999deb86a620a5d68d6372191458fbe813d9527330d862c09b6c2b5fe.dll,#11⤵
  - Suspicious use of WriteProcessMemory
  PID:2108
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\53105ad999deb86a620a5d68d6372191458fbe813d9527330d862c09b6c2b5fe.dll,#12⤵
  PID:2324