7e39d21697faa48a2b6a43a647ead0edad1afe41d3029e4b4bc22977a541c643

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
12-03-2024 01:40

Target

c222cc6b3cee3ed84b6136e2d0108439.dll
Size

64KB
MD5

c222cc6b3cee3ed84b6136e2d0108439
SHA1

2e054463c78401937ebd363ca0f6e55e706be76f
SHA256

7e39d21697faa48a2b6a43a647ead0edad1afe41d3029e4b4bc22977a541c643
SHA512

0ed0afa1bcd4f934bb431ef99b2dc7b163f4293dc1895e6db91bd372f0904c69b3aef4d2f83e62d06640565827c6860d124c4d9f1cdd80603b63d1b9119f2717
SSDEEP

768:UHLEjXqOcy48wA+LkoqW8lyTxkw9U2p26wbzC5sdxMjiB9UQgwWHiGOs3qD:UWaC+Ltq1lyTCM8nzN4los6D

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4620 wrote to memory of 1176	4620	rundll32.exe	89
PID 4620 wrote to memory of 1176	4620	rundll32.exe	89
PID 4620 wrote to memory of 1176	4620	rundll32.exe	89

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\c222cc6b3cee3ed84b6136e2d0108439.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4620
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\c222cc6b3cee3ed84b6136e2d0108439.dll,#1
  2⤵
  PID:1176