Analysis
max time kernel: 122s
max time network: 125s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 25-01-2024 16:16
Behavioral task: behavioral1
Sample: 74f2cf3507cbc51bbc4d03230fd5c0a0.dll
Resource: win7-20231215-en, windows7-x64
1 signatures
150 seconds
General
Target: 74f2cf3507cbc51bbc4d03230fd5c0a0.dll
Size: 54KB
MD5: 74f2cf3507cbc51bbc4d03230fd5c0a0
SHA1: 2d4f292984101f8d1cbe105930ddcad3ac16b23f
SHA256: 43ef830a80c2ea8a4a54aeb5cc593fc75fdeefa9993ba6d6280ad88159c97348
SHA512: 0c75848dcafcbe5daf2e1945dc7d72cddf998b7c9c0b7a6e939ffad8196a109bc261742dde2778dc541698e5ccca247fe8edf7c43d818f95ed6d96269b323bd0
SSDEEP: 768:26cTcjNp0oMrTo/Wxf368yef9Z8IF/tv/uTa2YV0VvjeBPKdRtQZiujQ3zTN8kDn:23umoMtxC8yu9ZdmzY+FjZDGY18hG
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe
description                        pid    process        target process
PID 2756 wrote to memory of 2704   2756   rundll32.exe   rundll32.exe
PID 2756 wrote to memory of 2704   2756   rundll32.exe   rundll32.exe
PID 2756 wrote to memory of 2704   2756   rundll32.exe   rundll32.exe
PID 2756 wrote to memory of 2704   2756   rundll32.exe   rundll32.exe
PID 2756 wrote to memory of 2704   2756   rundll32.exe   rundll32.exe
PID 2756 wrote to memory of 2704   2756   rundll32.exe   rundll32.exe
PID 2756 wrote to memory of 2704   2756   rundll32.exe   rundll32.exe
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\74f2cf3507cbc51bbc4d03230fd5c0a0.dll,#11
- Suspicious use of WriteProcessMemory
PID: 2756

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\74f2cf3507cbc51bbc4d03230fd5c0a0.dll,#12
PID: 2704