Analysis
max time kernel: 73s
max time network: 78s
platform: windows11-21h2_x64
resource: win11-20231215-en
resource tags: arch:x64 arch:x86 image:win11-20231215-en locale:en-us os:windows11-21h2-x64 system
submitted: 12-02-2024 00:41
Static task static1: 1 signatures
Behavioral task behavioral1: Sample InjectionLibrary.dll; Resource win10v2004-20231215-en (windows10-2004-x64); 1 signatures; 120 seconds
Behavioral task behavioral2: Sample InjectionLibrary.dll; Resource win11-20231215-en (windows11-21h2-x64); 1 signatures; 120 seconds
Behavioral task behavioral3: Sample NostalgiaPaste.exe; Resource win10v2004-20231222-en (windows10-2004-x64); 13 signatures; 120 seconds
General
Target: InjectionLibrary.dll
Size: 78KB
MD5: 64ef546a5a013f36524507e7dfc70d09
SHA1: d6d0aabdc88b7a875fd666a65194e250cd9ef3e5
SHA256: 7919342e61f58303b1efe7bc3f2a612b717d64069c45eb53f0193218821d0016
SHA512: b409aaaf770bf0ca436e66279a324158845cba04ad892bbe98c0e32e96faacf83108d5e5b2b51efb59c8a3fccb4476303af47408f1a26bd79b18008ceaa7cc6b
SSDEEP: 1536:E2t6wUtyYiZdqESehfyNHhwTZNzTedgzmZLtQ/5i:7t6LMXZdkaKNHhwTZRTej9Y4
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 3 IoCs
description                        pid   Process       procid_target
PID 4688 wrote to memory of 1300   4688  rundll32.exe  76
PID 4688 wrote to memory of 1300   4688  rundll32.exe  76
PID 4688 wrote to memory of 1300   4688  rundll32.exe  76