95f527683e09bd63743ed2b70eb15dff729afb560f966e3a158aaf839e7060c6 | Triage

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
09/04/2024, 23:09

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

a60cea92a83ff568fdf110be0d1d2992.dll
Size

3KB
MD5

a60cea92a83ff568fdf110be0d1d2992
SHA1

00045d342695e3f32e50a12476f682deb951e98b
SHA256

95f527683e09bd63743ed2b70eb15dff729afb560f966e3a158aaf839e7060c6
SHA512

c0a6caed8fc181c4163f2ba273dee24e8ba3b13df1d04e6d4077e036e525fbfe840121c66c9c397517014140a8838c8b4570e0980b4899d2a55c19c9b1c4ac96

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1624 wrote to memory of 4036	1624	rundll32.exe	88
PID 1624 wrote to memory of 4036	1624	rundll32.exe	88
PID 1624 wrote to memory of 4036	1624	rundll32.exe	88

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\a60cea92a83ff568fdf110be0d1d2992.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1624
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\a60cea92a83ff568fdf110be0d1d2992.dll,#1
  2⤵
  PID:4036

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads