797e52d61827ac81a4528d8ae01e56a96b26941954d644ddfa009a1a6e179fd8

Analysis

max time kernel
145s
max time network
150s
platform
windows11-21h2_x64
resource
win11-20240221-en
resource tags

arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
submitted
28-03-2024 16:52

Target

miflash_unlock-en-6.5.224.28/libEGL.dll
Size

179KB
MD5

a3da8bd13367e7df13fa0cbc01800db3
SHA1

9396f6ee9080306a3255769f1287322f25598457
SHA256

3f2f6629a28a95eb182785b4b305b449479abea3869b878999b00eec4121b42a
SHA512

76e3ef5a761cd618ec570f26efae65e4d1f71e04b36c0102198ea250fc288ed4f99c0e613b08af51df1c600721a7e47c7a843d4c7284235c08a80d106125875c
SSDEEP

3072:9yKei4mfMRGAtObHN+DsAg0Fu91k+Ag0Fua5hCCspnNrV:kKaDGAQbt8sAOk+AOaS9p

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4416 wrote to memory of 4760	4416	rundll32.exe	78
PID 4416 wrote to memory of 4760	4416	rundll32.exe	78
PID 4416 wrote to memory of 4760	4416	rundll32.exe	78

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\miflash_unlock-en-6.5.224.28\libEGL.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4416
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\miflash_unlock-en-6.5.224.28\libEGL.dll,#1
  2⤵
  PID:4760