03646dffa9c0b0d331dc5566992e64516326e24fc52496bf6cd27f801190a964

Analysis

max time kernel
151s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
09-03-2024 19:04

Target

03646dffa9c0b0d331dc5566992e64516326e24fc52496bf6cd27f801190a964.dll
Size

93KB
MD5

5ee453262f41d697da0adfe04655e555
SHA1

3052bf1b8626879c11d7ece6d88fb435ee6c9cf1
SHA256

03646dffa9c0b0d331dc5566992e64516326e24fc52496bf6cd27f801190a964
SHA512

874dd4a7b88403409171f2580839a6d0d2497a04cf0180b040d7b760a8961da2baaa65d36525e896d33c2f81d667379cd005b853e27855e6214a08b81f7289c5
SSDEEP

1536:s7J+Gf83ITXPtI6ldGgTFvMKoR+sCHIwI5IqpfFu3OJk2wSNuTQAjA:s7JJTtI6djtMKo3k7I5IqpMqwSNYQwA

Score

1^/10

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3584	rundll32.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 5060 wrote to memory of 3584	5060	rundll32.exe	95
PID 5060 wrote to memory of 3584	5060	rundll32.exe	95
PID 5060 wrote to memory of 3584	5060	rundll32.exe	95

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\03646dffa9c0b0d331dc5566992e64516326e24fc52496bf6cd27f801190a964.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:5060
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\03646dffa9c0b0d331dc5566992e64516326e24fc52496bf6cd27f801190a964.dll,#1
  2⤵
  - Suspicious use of SetWindowsHookEx
  PID:3584

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3904 --field-trial-handle=3084,i,4016110471176367543,14287608422419064331,262144 --variations-seed-version /prefetch:8
1⤵
PID:1804

memory/3584-0-0x0000000010000000-0x0000000010024000-memory.dmp

Filesize
144KB

Download
memory/3584-1-0x0000000000530000-0x0000000000542000-memory.dmp

Filesize
72KB

Download
memory/3584-2-0x0000000010000000-0x0000000010024000-memory.dmp

Filesize
144KB

Download
memory/3584-3-0x0000000010000000-0x0000000010024000-memory.dmp

Filesize
144KB

Download
memory/3584-4-0x0000000010000000-0x0000000010024000-memory.dmp

Filesize
144KB

Download