660b157a01c70643b24c78f2c31ea81af3ff3639ac1444fa07865e8f7ef22187

Analysis

max time kernel
119s
max time network
125s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
07/03/2024, 20:40

Target

660b157a01c70643b24c78f2c31ea81af3ff3639ac1444fa07865e8f7ef22187.dll
Size

6KB
MD5

5a0def7b9c97229024b1ff06241f3de7
SHA1

eae5e180c04f8f43f1e2ec6230e65e9388c2dd7a
SHA256

660b157a01c70643b24c78f2c31ea81af3ff3639ac1444fa07865e8f7ef22187
SHA512

59575fc9432eae371361c8966aecaa301f3ba0c78c786c99620faea2ab5266836e79bb78ee77919521543d4f2ce59d8b6db4f1a4908e5a536c7b770010f3c29a
SSDEEP

96:DixZjmjtjd8jPjcZGR5TI68sAhzB+t/Z/1AOv5YGu0C9je1Vl:unSR6bgYn8zh1+tJyuFC9jQD

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2292 wrote to memory of 1448	2292	rundll32.exe	28
PID 2292 wrote to memory of 1448	2292	rundll32.exe	28
PID 2292 wrote to memory of 1448	2292	rundll32.exe	28
PID 2292 wrote to memory of 1448	2292	rundll32.exe	28
PID 2292 wrote to memory of 1448	2292	rundll32.exe	28
PID 2292 wrote to memory of 1448	2292	rundll32.exe	28
PID 2292 wrote to memory of 1448	2292	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\660b157a01c70643b24c78f2c31ea81af3ff3639ac1444fa07865e8f7ef22187.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2292
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\660b157a01c70643b24c78f2c31ea81af3ff3639ac1444fa07865e8f7ef22187.dll,#1
  2⤵
  PID:1448