990a23e60d692e712b2a90946bd5f1d0d90a4215242345ac9ea0d66cad7775da

Analysis

max time kernel
15s
max time network
22s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
07/03/2024, 22:37

Target

990a23e60d692e712b2a90946bd5f1d0d90a4215242345ac9ea0d66cad7775da.dll
Size

6KB
MD5

80b465cc9c071b1bdc09f327b433034f
SHA1

ea1107d2e2f10b5c33b5892bb05131ca022e6c1e
SHA256

990a23e60d692e712b2a90946bd5f1d0d90a4215242345ac9ea0d66cad7775da
SHA512

a645f2dbcc79f368a11f4904a1f23d10171a77e913e5e7812fe7f0bb18ba1266dc911f536a3c4ef5a447ff71c8ffa51ad420f3063bfdbe155be52d999984f77e
SSDEEP

48:CCy86+Wet9Q/iooHeiefhe+/lSMYEqzJ+uz2eaWrg46w47rEqn0oo36P3q:hy859x0P8MaA4aM6/

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2068 wrote to memory of 2556	2068	rundll32.exe	30
PID 2068 wrote to memory of 2556	2068	rundll32.exe	30
PID 2068 wrote to memory of 2556	2068	rundll32.exe	30
PID 2068 wrote to memory of 2556	2068	rundll32.exe	30
PID 2068 wrote to memory of 2556	2068	rundll32.exe	30
PID 2068 wrote to memory of 2556	2068	rundll32.exe	30
PID 2068 wrote to memory of 2556	2068	rundll32.exe	30

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\990a23e60d692e712b2a90946bd5f1d0d90a4215242345ac9ea0d66cad7775da.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2068
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\990a23e60d692e712b2a90946bd5f1d0d90a4215242345ac9ea0d66cad7775da.dll,#1
  2⤵
  PID:2556