37c101609fcb042c7a796d3f1946613fcd31e1cb728b5c0aadc7ed563c0ee336

Analysis

max time kernel
92s
max time network
121s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
12-02-2024 06:32

Target

37c101609fcb042c7a796d3f1946613fcd31e1cb728b5c0aadc7ed563c0ee336.dll
Size

120KB
MD5

05512ab909986216a8c436f1526db1d5
SHA1

e2c0aadab67c38631d8f4abb21d6efc823ac80b3
SHA256

37c101609fcb042c7a796d3f1946613fcd31e1cb728b5c0aadc7ed563c0ee336
SHA512

0d6d53edc0a8a393188a0d2c9d3aa48756368ac38270ce621c9b1d4b959a86d859da49f8380260da457cf4dc710358c23aeadfaf8a7d2dc7eba2b44c3a80ac19
SSDEEP

1536:9MY2GG2DGX4EQwZQ4iAWXzkE85k6ZRXRV1/Z/S/Cujff:+YKIbwZMAWXshZRXRV1hKqM

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1188 wrote to memory of 2784	1188	rundll32.exe	17
PID 1188 wrote to memory of 2784	1188	rundll32.exe	17
PID 1188 wrote to memory of 2784	1188	rundll32.exe	17

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\37c101609fcb042c7a796d3f1946613fcd31e1cb728b5c0aadc7ed563c0ee336.dll,#1
1⤵
PID:2784

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\37c101609fcb042c7a796d3f1946613fcd31e1cb728b5c0aadc7ed563c0ee336.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1188