a76a8bb2933d31e9b27fd9751dabdc811182622285f24495a0c007467f88e259

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
26-01-2024 11:59

Target

774c547c10c93bb3f57e8ade178f7304.dll
Size

22KB
MD5

774c547c10c93bb3f57e8ade178f7304
SHA1

13463f92d0290d74d30c7587f68c54db8947c566
SHA256

a76a8bb2933d31e9b27fd9751dabdc811182622285f24495a0c007467f88e259
SHA512

fae29fd18d3bd3e09fe2c994ef9703fc4f2445586a31e194863562e6626492bf26d6c27db4327722aa2393d71402cfdd591d27cf24fc9eda8208e1c42a68c578
SSDEEP

384:l4WbxTgUxyH0qaRnOJ43GQdnjXfyUJjeJB1T9L4/RK0PkfkPype:lTbxTgUxy3aRnXhX6SGBYJK01Ks

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2380 wrote to memory of 2368	2380	rundll32.exe	8
PID 2380 wrote to memory of 2368	2380	rundll32.exe	8
PID 2380 wrote to memory of 2368	2380	rundll32.exe	8
PID 2380 wrote to memory of 2368	2380	rundll32.exe	8
PID 2380 wrote to memory of 2368	2380	rundll32.exe	8
PID 2380 wrote to memory of 2368	2380	rundll32.exe	8
PID 2380 wrote to memory of 2368	2380	rundll32.exe	8

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\774c547c10c93bb3f57e8ade178f7304.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2380
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\774c547c10c93bb3f57e8ade178f7304.dll,#1
  2⤵
  PID:2368