e68f0eeddcc429797379e173f98b7306725515460c4cb188f62e071ff83a8833 | Triage

Analysis

max time kernel
119s
max time network
123s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25-01-2024 16:20

Sharing

Report Analysis Logs

General

Target

74f47fa80e267f69f8152cb30d7b965b.dll
Size

6KB
MD5

74f47fa80e267f69f8152cb30d7b965b
SHA1

a8af80a6a74744a5970c45fc5cfe3b67202bf2bf
SHA256

e68f0eeddcc429797379e173f98b7306725515460c4cb188f62e071ff83a8833
SHA512

3c051b700339a0b29d676dd8ec341497a8b3786a9fdd4eef8b4997cee1212fe3bbebe4115b2f3f443272dd854a374d5ac93fe9c6901b83f8703b4c5bbb908ff8
SSDEEP

48:6EQt5YVOSVVEPy+wEMmqiHNpU102JB+BDq9J5SV3DY:CSVVEPozmB70JB+FqX5S1D

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 7 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 2216 wrote to memory of 2220	2216	rundll32.exe	rundll32.exe
PID 2216 wrote to memory of 2220	2216	rundll32.exe	rundll32.exe
PID 2216 wrote to memory of 2220	2216	rundll32.exe	rundll32.exe
PID 2216 wrote to memory of 2220	2216	rundll32.exe	rundll32.exe
PID 2216 wrote to memory of 2220	2216	rundll32.exe	rundll32.exe
PID 2216 wrote to memory of 2220	2216	rundll32.exe	rundll32.exe
PID 2216 wrote to memory of 2220	2216	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\74f47fa80e267f69f8152cb30d7b965b.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2216

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\74f47fa80e267f69f8152cb30d7b965b.dll,#1
2⤵
PID:2220

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...