Overview

overview

3

Static

static

3

c1982f0fec...9d.dll

windows7-x64

1

c1982f0fec...9d.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    129s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/03/2024, 21:02

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    c1982f0fec29c2ce13e4fa2acecf8b9d.dll

  • Size

    40KB

  • MD5

    c1982f0fec29c2ce13e4fa2acecf8b9d

  • SHA1

    a3734352f6dedb8e8fda62708b6e6c7cad3c7648

  • SHA256

    30d3f5e97cd93f876f55ca54aba0c661f347c9925028ba58dd34c4a30bbe48ba

  • SHA512

    355032e8a3cb9576fc7f168d69e007e1e91db8e2700def9f51c4bf747bf56126dc4c1988a4f708e2f905385bb2e7690b8e23ff35ca01f3ab42933a7af04fd83b

  • SSDEEP

    384:xZRYyFcSIlasuDVzSo82IAm0PbaV0Nnp/NlNhxhGuVhqk7nW/WMhz:/4I0o8pACEp1vVGQhV

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\c1982f0fec29c2ce13e4fa2acecf8b9d.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3808
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\c1982f0fec29c2ce13e4fa2acecf8b9d.dll,#1
      2⤵
        PID:1032

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads