Overview

overview

3

Static

static

3

b610b9dc4e...95.dll

windows7-x64

1

b610b9dc4e...95.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    130s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/03/2024, 00:38

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    b610b9dc4e75acbf7e67d555cf669c95.dll

  • Size

    7.7MB

  • MD5

    b610b9dc4e75acbf7e67d555cf669c95

  • SHA1

    dc13d6580e475714120ef70daa91d7ac066dfdcd

  • SHA256

    e1d0c6af47aac357b58219324d45fe10bdabc157920e93db153866ef7ba5fc1d

  • SHA512

    12cbcdcf7c3552b871e7fb2452f43230dad0077f7040f79e839995053fcf0b081de70260f8202dbe2db32a7b3f385efbaf6748ad41cfb3c6571fb72f7080afd7

  • SSDEEP

    3072:pYz6VKF3M8OkkdDRqVotBm7rWdXuX8eJUFIXuYqY/dT9dTW:pY6KF37OkkfqVoBgQuMeJUFIXuA1fW

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\b610b9dc4e75acbf7e67d555cf669c95.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3096
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\b610b9dc4e75acbf7e67d555cf669c95.dll,#1
      2⤵
        PID:740

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/740-0-0x0000000010000000-0x0000000010031000-memory.dmp

            Filesize

            196KB

            Download