38cc7459488d745ff58d840f386a47ac0fee30c83d8769c9a332d31c5083b280

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
15/03/2024, 13:55

Target

cb944037e7cd01eb364c5a05e986efee.dll
Size

938KB
MD5

cb944037e7cd01eb364c5a05e986efee
SHA1

a14f4f461fb8b011b40d01c27d756aa968e7218e
SHA256

38cc7459488d745ff58d840f386a47ac0fee30c83d8769c9a332d31c5083b280
SHA512

0b643e70473ab44c4e3fd6c4bd186a10091aedfc38e54860c2284a33dc9c05a2441c564787c79e9726bf171882c7043b3578db7cb668655186f5ab6589bf56d0
SSDEEP

24576:/nk+klmfipyu22WcmlJujavgJSLZbM1S9ZhbrqyJ8pL4FV:/MQu2XG8ZoI9Z9rqyI4j

Score

1^/10

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2232	rundll32.exe

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2372 wrote to memory of 2232	2372	rundll32.exe	28
PID 2372 wrote to memory of 2232	2372	rundll32.exe	28
PID 2372 wrote to memory of 2232	2372	rundll32.exe	28
PID 2372 wrote to memory of 2232	2372	rundll32.exe	28
PID 2372 wrote to memory of 2232	2372	rundll32.exe	28
PID 2372 wrote to memory of 2232	2372	rundll32.exe	28
PID 2372 wrote to memory of 2232	2372	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\cb944037e7cd01eb364c5a05e986efee.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2372
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\cb944037e7cd01eb364c5a05e986efee.dll,#1
  2⤵
  - Suspicious use of SetWindowsHookEx
  PID:2232