63450cb33f07d953db503c14d3e3444d7bf9e460802a948b53c5d4618d9f3ca0

Analysis

max time kernel
118s
max time network
129s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
04/04/2024, 21:25

Target

63450cb33f07d953db503c14d3e3444d7bf9e460802a948b53c5d4618d9f3ca0.dll
Size

7KB
MD5

671ae3cc5cea9cc057f55fadbd9716fe
SHA1

fe08ebd2cd68b9b2c1d579e89c5644867bb376d8
SHA256

63450cb33f07d953db503c14d3e3444d7bf9e460802a948b53c5d4618d9f3ca0
SHA512

1b464e6b44661d9985afd76e1b9d5a91d83a041e23be77ee5acdabc23d362baad2a8c0eb41bd117119a745f237e102b4ad148294e6c4ac5fd61045641d6c18a6
SSDEEP

48:66ay5YVO3EVkApc2wp8hH1NZn5EquglQ067YbPWdbABbgL3q9J5S2hmc:b3EVkApcX4Hiv0hbPDq3qX5S2hV

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2148 wrote to memory of 2296	2148	rundll32.exe	27
PID 2148 wrote to memory of 2296	2148	rundll32.exe	27
PID 2148 wrote to memory of 2296	2148	rundll32.exe	27
PID 2148 wrote to memory of 2296	2148	rundll32.exe	27
PID 2148 wrote to memory of 2296	2148	rundll32.exe	27
PID 2148 wrote to memory of 2296	2148	rundll32.exe	27
PID 2148 wrote to memory of 2296	2148	rundll32.exe	27

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\63450cb33f07d953db503c14d3e3444d7bf9e460802a948b53c5d4618d9f3ca0.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2148
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\63450cb33f07d953db503c14d3e3444d7bf9e460802a948b53c5d4618d9f3ca0.dll,#1
  2⤵
  PID:2296