Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    08/03/2024, 05:17

General

  • Target

    SnagIt 8/2KXP/SNAGITD8.dll

  • Size

    20KB

  • MD5

    ba5c00be01e2c67d407fe874f31dbd2e

  • SHA1

    18479dba8f82d3f2e0bf1eac16a281a3e520f9be

  • SHA256

    cdbd77f74566b5cbb3e7b6d286b5e6f7f3358d2934646c15b0113301456857f4

  • SHA512

    b2bc61715afd78cecdce1c9c6bf3729f34a3573219a71971461f58cb67e9034103ee3d1a5cd936773ba3e5b9c9f04da79b84bb23c6844de27d998bcad335210b

  • SSDEEP

    192:b09aNLDqrSqYiADy8+BghcFt6+gg8dBrXaVskTJqIbIekL/CldolMzMjGwP7/MkS:b8aNLD63AH+nXZGNStJSRLCcguYblD

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\SnagIt 8\2KXP\SNAGITD8.dll",#1
    • Suspicious use of WriteProcessMemory
    PID:3048
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe "C:\Users\Admin\AppData\Local\Temp\SnagIt 8\2KXP\SNAGITD8.dll",#1
        PID:2928

    Network

    MITRE ATT&CK Matrix
