fdbc19dad089f0a818a5ed7e5ccadd1dc122c127698eaf23aa5e0992562ceb60

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
11/03/2024, 15:30

Target

c0f09a58b98d76252e9919e9a06679c2.dll
Size

90KB
MD5

c0f09a58b98d76252e9919e9a06679c2
SHA1

dd36b43815c04093d92985d0ecc6a4262e66b173
SHA256

fdbc19dad089f0a818a5ed7e5ccadd1dc122c127698eaf23aa5e0992562ceb60
SHA512

1560fd571918846de016daffcaa75b3abd8c5ff2c9ccd17d7e2fb5db63111025e0970724061951ba9ff6bbcf6855accc5a04bf6d4b91ba378f793e37fb67b6fa
SSDEEP

1536:qWNTI2j7IGPmy5guIRpDmq1bzqrgWLGPK3yioBpu73V99XLi1G0:qWNTHTey5HCvzqrLLG0ydnu73V99EG0

Score

7^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/1752-0-0x0000000010000000-0x000000001000E000-memory.dmp	upx
behavioral1/memory/1752-1-0x0000000010000000-0x000000001000E000-memory.dmp	upx

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2188 wrote to memory of 1752	2188	rundll32.exe	28
PID 2188 wrote to memory of 1752	2188	rundll32.exe	28
PID 2188 wrote to memory of 1752	2188	rundll32.exe	28
PID 2188 wrote to memory of 1752	2188	rundll32.exe	28
PID 2188 wrote to memory of 1752	2188	rundll32.exe	28
PID 2188 wrote to memory of 1752	2188	rundll32.exe	28
PID 2188 wrote to memory of 1752	2188	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\c0f09a58b98d76252e9919e9a06679c2.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2188
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\c0f09a58b98d76252e9919e9a06679c2.dll,#1
  2⤵
  PID:1752

memory/1752-0-0x0000000010000000-0x000000001000E000-memory.dmp

Filesize
56KB

Download
memory/1752-1-0x0000000010000000-0x000000001000E000-memory.dmp

Filesize
56KB

Download
memory/1752-2-0x0000000010000000-0x000000001000E000-memory.dmp

Filesize
56KB

Download