02ee8e32c4184b129f3ada79c9779d313644dea054177537d798c353335e1d5e | Triage

Analysis

max time kernel
120s
max time network
124s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
26-01-2024 01:56

Sharing

Report Analysis Logs

General

Target

7615c75eb65f4433bf2105fa522ddef1.dll
Size

99KB
MD5

7615c75eb65f4433bf2105fa522ddef1
SHA1

7506be44b729de9ec33bca77d7965e43079d75a2
SHA256

02ee8e32c4184b129f3ada79c9779d313644dea054177537d798c353335e1d5e
SHA512

55aa77a0a9a1b4b1d5c34e5d0547dd801e2aff6b5c0d03d098ec79e129f2cd2f3f98b77e61c80d21ce10f70f72072750f648c7ab4b4a7d33cc55b3b92574a0b3
SSDEEP

3072:avpOsLQGljuazw8IjhVSUOGsR6Ci2jHJM:psLQGljuKUjLBOGsgCi2D

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2208 wrote to memory of 2760	2208	rundll32.exe	28
PID 2208 wrote to memory of 2760	2208	rundll32.exe	28
PID 2208 wrote to memory of 2760	2208	rundll32.exe	28
PID 2208 wrote to memory of 2760	2208	rundll32.exe	28
PID 2208 wrote to memory of 2760	2208	rundll32.exe	28
PID 2208 wrote to memory of 2760	2208	rundll32.exe	28
PID 2208 wrote to memory of 2760	2208	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\7615c75eb65f4433bf2105fa522ddef1.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2208
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\7615c75eb65f4433bf2105fa522ddef1.dll,#1
  2⤵
  PID:2760

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads