76d008d9955509d3db6e190acfa58fdf12fc64253884ac6981187a3e5ffdeb20

Analysis

max time kernel
150s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
10-04-2024 12:01

Target

update/log.dll
Size

54KB
MD5

2a747a6201189e133c18ae24e44476f3
SHA1

002be31d69cf30bc8a8e2ed51c038a5bdfd88141
SHA256

0cc36dd25e099cc6f1798dabe1d6a3e2d8c3883aa0e0d7296e94d035cdb74f3c
SHA512

36080f7595b6a1c05ecce348a75adbac4cdf8ccc441a724e3aa50130c62cd74d3948dabf8343b95cd90043f569b7f301f94102626942e9c0080133c486a830b3
SSDEEP

768:Wt0W/UGbqXrc1CwcBosKPVTGccEzNl/KCTn2B7gXzcffXjkDIA8W1116iNTN82lz:W1GCnTGcx+CT07gjc308YvRe2iw

Score

1^/10

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

rundll32.exe

pid process

960 rundll32.exe
960 rundll32.exe
960 rundll32.exe
960 rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\update\log.dll,#1
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:960

memory/960-0-0x00007FFD0EEE0000-0x00007FFD0EEE1000-memory.dmp

Filesize
4KB

Download