Analysis
max time kernel: 119s
max time network: 123s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 25-01-2024 16:20
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
74f47fa80e267f69f8152cb30d7b965b.dll
Resource
win7-20231215-en
windows7-x64
1 signatures
150 seconds
General
Target: 74f47fa80e267f69f8152cb30d7b965b.dll
Size: 6KB
MD5: 74f47fa80e267f69f8152cb30d7b965b
SHA1: a8af80a6a74744a5970c45fc5cfe3b67202bf2bf
SHA256: e68f0eeddcc429797379e173f98b7306725515460c4cb188f62e071ff83a8833
SHA512: 3c051b700339a0b29d676dd8ec341497a8b3786a9fdd4eef8b4997cee1212fe3bbebe4115b2f3f443272dd854a374d5ac93fe9c6901b83f8703b4c5bbb908ff8
SSDEEP: 48:6EQt5YVOSVVEPy+wEMmqiHNpU102JB+BDq9J5SV3DY:CSVVEPozmB70JB+FqX5S1D
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
Processes: rundll32.exe
description | pid | process | target process
PID 2216 wrote to memory of 2220 | 2216 | rundll32.exe | rundll32.exe
PID 2216 wrote to memory of 2220 | 2216 | rundll32.exe | rundll32.exe
PID 2216 wrote to memory of 2220 | 2216 | rundll32.exe | rundll32.exe
PID 2216 wrote to memory of 2220 | 2216 | rundll32.exe | rundll32.exe
PID 2216 wrote to memory of 2220 | 2216 | rundll32.exe | rundll32.exe
PID 2216 wrote to memory of 2220 | 2216 | rundll32.exe | rundll32.exe
PID 2216 wrote to memory of 2220 | 2216 | rundll32.exe | rundll32.exe
Processes
C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\74f47fa80e267f69f8152cb30d7b965b.dll,#1
  Suspicious use of WriteProcessMemory
  PID: 2216
  C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\74f47fa80e267f69f8152cb30d7b965b.dll,#1
    PID: 2220