939890a41300255cb10de1a1f2dc66cc20d25a3982f0aec04297aeba6fefa97a

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
06/03/2024, 21:56

Target

939890a41300255cb10de1a1f2dc66cc20d25a3982f0aec04297aeba6fefa97a.dll
Size

6KB
MD5

c7f4224a6352371532a7d1b36be8f8ce
SHA1

930b5ddda646ef79d7de6f094fbd50980fc09133
SHA256

939890a41300255cb10de1a1f2dc66cc20d25a3982f0aec04297aeba6fefa97a
SHA512

1f064115ef20bfc159af85377b7ce13f64fc65095c8f33811c4f32e092fb6045bdf2d693a95c8b12f087f50c1e8449ad724488f82c35134c53f4754bb511c4db
SSDEEP

96:hy859x0P8MaogNoR0vL9+jAmG1o8d3zitCSPFdeAHUc4s:F5oL2NoUmQ3jcd

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 920 wrote to memory of 4928	920	rundll32.exe	89
PID 920 wrote to memory of 4928	920	rundll32.exe	89
PID 920 wrote to memory of 4928	920	rundll32.exe	89

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\939890a41300255cb10de1a1f2dc66cc20d25a3982f0aec04297aeba6fefa97a.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:920
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\939890a41300255cb10de1a1f2dc66cc20d25a3982f0aec04297aeba6fefa97a.dll,#1
  2⤵
  PID:4928