Analysis
max time kernel: 143s
max time network: 157s
platform: windows10-2004_x64
resource: win10v2004-20231215-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
submitted: 04/02/2024, 09:06
Static task: static1

Behavioral task: behavioral1
Sample: 8ec1abd7be3b974934f8c92f8e363a03.dll
Resource: win7-20231215-en
1 signatures
150 seconds

Behavioral task: behavioral2
Sample: 8ec1abd7be3b974934f8c92f8e363a03.dll
Resource: win10v2004-20231215-en
1 signatures
150 seconds
General
Target: 8ec1abd7be3b974934f8c92f8e363a03.dll
Size: 53KB
MD5: 8ec1abd7be3b974934f8c92f8e363a03
SHA1: 14366a0fb5b001c7e5595da20dd47c85d37265b0
SHA256: 4577e1340f659c9192ccecb6099f087d7e71773cdde470acc48c518fc0144281
SHA512: 986f37a9a8323c8eb7207dd1bb60f082c96980a23ec9d84560ee0320d716d7f296b347b19e2530392448e4917ed03f0cdc3662d1882ba00813fe90d24d6143f0
SSDEEP: 1536:tS8ahR1LD2DkGmMNuYcoEFvj/Z4uDizc9oA:tbahR1LD2DMKcjV4uDizc9j
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 2848 wrote to memory of 2168 | 2848 | rundll32.exe | 84
PID 2848 wrote to memory of 2168 | 2848 | rundll32.exe | 84
PID 2848 wrote to memory of 2168 | 2848 | rundll32.exe | 84
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\8ec1abd7be3b974934f8c92f8e363a03.dll,#1
- Suspicious use of WriteProcessMemory
PID: 2848
  C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\8ec1abd7be3b974934f8c92f8e363a03.dll,#1
  PID: 2168