eb72b12238820b5ab0697960b6a4c22f7055694f0d69da74b2ca881c0df854a9

Analysis

max time kernel
121s
max time network
121s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25-01-2024 16:12

Target

74f12cff74561e635d0c3eadd9f2d32d.dll
Size

146KB
MD5

74f12cff74561e635d0c3eadd9f2d32d
SHA1

062d945a328bf2776e26331925da0d583e3c9027
SHA256

eb72b12238820b5ab0697960b6a4c22f7055694f0d69da74b2ca881c0df854a9
SHA512

2f69d15b37c64b6b40d1dbacacee692f4c95f4642c634b8d53931779fca5bafadcd5750568565520f63f0d3176fac1605d4254dfdb2bc9efbf8594db6642d9cf
SSDEEP

3072:qX8A8Me7T/nrp78/SVORTN1hCXn1wMwHyaXnTcRJGTawOCYbxtpIPRZZSdUT:qXmMe7fpNVfwMwpThwpI4+

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 1716 wrote to memory of 2516	1716	rundll32.exe	rundll32.exe
PID 1716 wrote to memory of 2516	1716	rundll32.exe	rundll32.exe
PID 1716 wrote to memory of 2516	1716	rundll32.exe	rundll32.exe
PID 1716 wrote to memory of 2516	1716	rundll32.exe	rundll32.exe
PID 1716 wrote to memory of 2516	1716	rundll32.exe	rundll32.exe
PID 1716 wrote to memory of 2516	1716	rundll32.exe	rundll32.exe
PID 1716 wrote to memory of 2516	1716	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\74f12cff74561e635d0c3eadd9f2d32d.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1716

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\74f12cff74561e635d0c3eadd9f2d32d.dll,#1
2⤵
PID:2516

memory/2516-0-0x0000000010000000-0x0000000010030000-memory.dmp

Filesize
192KB

Download
memory/2516-1-0x0000000010000000-0x0000000010030000-memory.dmp

Filesize
192KB

Download
memory/2516-2-0x00000000001B0000-0x00000000001BA000-memory.dmp

Filesize
40KB

Download
memory/2516-6-0x00000000001B0000-0x00000000001BA000-memory.dmp

Filesize
40KB

Download
memory/2516-7-0x00000000001B0000-0x00000000001BA000-memory.dmp

Filesize
40KB

Download