befb30dcfed27a7514d13d03155e5ffcf1a1a459488337f36e326280ce83e8ea

Analysis

max time kernel
120s
max time network
123s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
26-03-2024 21:21

Target

e01f9373946d81267c7694743e719d6d.dll
Size

5KB
MD5

e01f9373946d81267c7694743e719d6d
SHA1

cabf2b01d3ea06ad1c0e3379e86a95bfc42ed198
SHA256

befb30dcfed27a7514d13d03155e5ffcf1a1a459488337f36e326280ce83e8ea
SHA512

3231955dd5f8773ef73911ba34d60a70bea3353ca4cb83f147beec19e645daa10afce037ea3eed35e98c9f3aeecfe861d334abeb7bdf46c3e63e5c0917260884
SSDEEP

48:6P9vwgAO8AwWzqH665Rn6yMnhaZZmbf2SR4S5fHYXVFJkBjTDyni1ZQ40lTbU9+2:o3A7lJ5Rn6yMhaZMR4GQAzM40lYZ4K

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2340 wrote to memory of 2320	2340	rundll32.exe	28
PID 2340 wrote to memory of 2320	2340	rundll32.exe	28
PID 2340 wrote to memory of 2320	2340	rundll32.exe	28
PID 2340 wrote to memory of 2320	2340	rundll32.exe	28
PID 2340 wrote to memory of 2320	2340	rundll32.exe	28
PID 2340 wrote to memory of 2320	2340	rundll32.exe	28
PID 2340 wrote to memory of 2320	2340	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\e01f9373946d81267c7694743e719d6d.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2340
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\e01f9373946d81267c7694743e719d6d.dll,#1
  2⤵
  PID:2320