5554fff43d58d9d93e0138fab2ee34dc48247374a7fcca34a07fbb32a8eed1dc

Analysis

max time kernel
118s
max time network
118s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
13-03-2024 15:08

Target

5554fff43d58d9d93e0138fab2ee34dc48247374a7fcca34a07fbb32a8eed1dc.dll
Size

899KB
MD5

5a982957bd5ff732782d2a13cd55eda5
SHA1

1682c40a34ffe83e4852a7a123a6bd3eda2d952a
SHA256

5554fff43d58d9d93e0138fab2ee34dc48247374a7fcca34a07fbb32a8eed1dc
SHA512

82c67966c38c021e6f906bbd8b165d5dcbea1786b84504782075b7e1ed3d601364fe7c85807d99e4cd7070dfc44c3e96956a73c511cb8c48f26941a64ad86dc7
SSDEEP

24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXE:7wqd87VE

Score

1^/10

Suspicious behavior: RenamesItself 1 IoCs

pid	Process
2360	rundll32.exe

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2344 wrote to memory of 2360	2344	rundll32.exe	28
PID 2344 wrote to memory of 2360	2344	rundll32.exe	28
PID 2344 wrote to memory of 2360	2344	rundll32.exe	28
PID 2344 wrote to memory of 2360	2344	rundll32.exe	28
PID 2344 wrote to memory of 2360	2344	rundll32.exe	28
PID 2344 wrote to memory of 2360	2344	rundll32.exe	28
PID 2344 wrote to memory of 2360	2344	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\5554fff43d58d9d93e0138fab2ee34dc48247374a7fcca34a07fbb32a8eed1dc.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2344
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\5554fff43d58d9d93e0138fab2ee34dc48247374a7fcca34a07fbb32a8eed1dc.dll,#1
  2⤵
  - Suspicious behavior: RenamesItself
  PID:2360