Analysis
max time kernel: 120s
max time network: 121s
platform: windows7_x64
resource: win7-20240220-en
resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
submitted: 06-03-2024 14:33
Static task
static1: 1 signatures
Behavioral task
behavioral1
Sample: 1.dll
Resource: win7-20240220-en, windows7-x64
2 signatures
150 seconds
General
Target: 1.dll
Size: 840KB
MD5: c18ed17355b2cbeb35492c5655ce3169
SHA1: 4f6d42a41ed6fa567c8f0f835a2cd5662f7f3978
SHA256: dcbbe31e1100edad1738c3f997543c5085b5b2a5b610dd08ada35427827c1231
SHA512: 82d5aa7a1b5d0e48b8532a58f734f1e7840e8a7907bf09677c46d80e43d6cb1cfc2bece10857c9f07a9cde4336bb5d0fee90fa25b38ed1566fcb9426a34b28bf
SSDEEP: 24576:ee9nfmpSVmL+Cf72yb1SFEtEfPmY4uRD7HpUMhOw8ghE:dBmpSVmLfCDfPJ4cDFPhmghE
Score: 1/10
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid   Process
2128  rundll32.exe

Suspicious use of WriteProcessMemory (7 IoCs)
description                        pid   Process       procid_target
PID 1660 wrote to memory of 2128   1660  rundll32.exe  28
PID 1660 wrote to memory of 2128   1660  rundll32.exe  28
PID 1660 wrote to memory of 2128   1660  rundll32.exe  28
PID 1660 wrote to memory of 2128   1660  rundll32.exe  28
PID 1660 wrote to memory of 2128   1660  rundll32.exe  28
PID 1660 wrote to memory of 2128   1660  rundll32.exe  28
PID 1660 wrote to memory of 2128   1660  rundll32.exe  28