Resubmissions

20-03-2024 09:55

240320-lxzn8sdh94 10

20-03-2024 09:53

240320-lwzb3sef3x 10

18-03-2024 09:01

240318-ky38dadf6s 10

Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    18-03-2024 09:01

General

  • Target

    1eb0b48ca74c119b53d372de7d639f0bcb1337fb526347fb3b22f62214280e1d.dll

  • Size

    158KB

  • MD5

    fd618940c30715bc3a539f9c9592baf9

  • SHA1

    8ff1b7306d00e6d04bcbff68c57acf4895d0518b

  • SHA256

    1eb0b48ca74c119b53d372de7d639f0bcb1337fb526347fb3b22f62214280e1d

  • SHA512

    caa6505e9bb5ae38589d2f2ad2ae8f2cc5e9381d883c5a16663f2bcfbf54826d682f6c12f6c89100d2f8059965b3f90dc9d4cc2d2f41fceed64b46127cf59f29

  • SSDEEP

    3072:W/LecLDzqMDMXSBTWD85cb0E/fsO+L0ukZsqSkq2jSU:W/pDzqMGSBTWD85cb0AHya4kq2O

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\1eb0b48ca74c119b53d372de7d639f0bcb1337fb526347fb3b22f62214280e1d.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2224
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\1eb0b48ca74c119b53d372de7d639f0bcb1337fb526347fb3b22f62214280e1d.dll,#1
      2⤵
        PID:1448

    Network

    MITRE ATT&CK Matrix
