43ef830a80c2ea8a4a54aeb5cc593fc75fdeefa9993ba6d6280ad88159c97348

Analysis

max time kernel
122s
max time network
125s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25-01-2024 16:16

Target

74f2cf3507cbc51bbc4d03230fd5c0a0.dll
Size

54KB
MD5

74f2cf3507cbc51bbc4d03230fd5c0a0
SHA1

2d4f292984101f8d1cbe105930ddcad3ac16b23f
SHA256

43ef830a80c2ea8a4a54aeb5cc593fc75fdeefa9993ba6d6280ad88159c97348
SHA512

0c75848dcafcbe5daf2e1945dc7d72cddf998b7c9c0b7a6e939ffad8196a109bc261742dde2778dc541698e5ccca247fe8edf7c43d818f95ed6d96269b323bd0
SSDEEP

768:26cTcjNp0oMrTo/Wxf368yef9Z8IF/tv/uTa2YV0VvjeBPKdRtQZiujQ3zTN8kDn:23umoMtxC8yu9ZdmzY+FjZDGY18hG

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 2756 wrote to memory of 2704	2756	rundll32.exe	rundll32.exe
PID 2756 wrote to memory of 2704	2756	rundll32.exe	rundll32.exe
PID 2756 wrote to memory of 2704	2756	rundll32.exe	rundll32.exe
PID 2756 wrote to memory of 2704	2756	rundll32.exe	rundll32.exe
PID 2756 wrote to memory of 2704	2756	rundll32.exe	rundll32.exe
PID 2756 wrote to memory of 2704	2756	rundll32.exe	rundll32.exe
PID 2756 wrote to memory of 2704	2756	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\74f2cf3507cbc51bbc4d03230fd5c0a0.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2756

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\74f2cf3507cbc51bbc4d03230fd5c0a0.dll,#1
2⤵
PID:2704