Analysis

  • max time kernel
    147s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240226-en locale:en-us os:windows10-2004-x64 system
  • submitted
    04/03/2024, 21:47

General

  • Target

    FSMaxView/fsplugin01.dll

  • Size

    357KB

  • MD5

    0ee59b3adbf3efcb48215f4cd089200e

  • SHA1

    22d1f047213e99f1cbbdc26c6a8878b3785f2652

  • SHA256

    4f0fcb75aaeb4d25d075fb01ee55d8c6cb18f30aae40bc0d914af05c518f8b84

  • SHA512

    8ab61590d03a35143f425ab22a9a71b05ca5002f4358d36abc70ec5d798687ceb495092b79676ec903cb46350611b819e9696aab3c929ea357a58fa319498b82

  • SSDEEP

    6144:7Paly7XiaHTV66Lik/kR48WC9149rAstoKN5zpXwkV5cEsEcch65i:7yoriaH53RkRhWC9C9rwuVmXE965

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\FSMaxView\fsplugin01.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4864
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\FSMaxView\fsplugin01.dll,#1
      2⤵
        PID:4288

    Network

          MITRE ATT&CK Matrix
