7c1331eca94f1c3d9e82309883c4406eb1c39de37f08420d304da898c00375b0 | Triage

Analysis

max time kernel
144s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26-01-2024 11:50

Sharing

Report Analysis Logs

General

Target

7747969f815988556ae0c47cccd71e5e.dll
Size

3KB
MD5

7747969f815988556ae0c47cccd71e5e
SHA1

3621f342913c50bc8e166bd02c0a8581f901f20a
SHA256

7c1331eca94f1c3d9e82309883c4406eb1c39de37f08420d304da898c00375b0
SHA512

3f94d1c94adbdd871400ef4cfe0e91a7ced860ac9193dc870b641d2fbb016d07762af62138f6daf669998912c561a6de32bfc8ad42e60f7e0a13ee68b749f553

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 840 wrote to memory of 2604	840	rundll32.exe	87
PID 840 wrote to memory of 2604	840	rundll32.exe	87
PID 840 wrote to memory of 2604	840	rundll32.exe	87

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\7747969f815988556ae0c47cccd71e5e.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:840
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\7747969f815988556ae0c47cccd71e5e.dll,#1
  2⤵
  PID:2604

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads