d376164e377577fc590a780d15603d6411fde6e45ea21971670d5dff597d9def

Analysis

max time kernel
146s
max time network
163s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
10/04/2024, 14:20

Target

d376164e377577fc590a780d15603d6411fde6e45ea21971670d5dff597d9def.dll
Size

48KB
MD5

5faa973967fee2f35229685ceacf20b3
SHA1

d9e12317a43f233a739972723abc00f1b88f53b0
SHA256

d376164e377577fc590a780d15603d6411fde6e45ea21971670d5dff597d9def
SHA512

179346e1b63ada8faec34ddc5f1a3b8b5a3df693bb254b1c30db8af9fd33d052ab4fded3c96d3c8bac066908f8362c796adbc6fce627d7a6eec50803f2f8ff9a
SSDEEP

192:hn2XPvVr7v4mTa6r3BNSPbjDk3W1AKnKMBRgVFQ:hnytBN2UWDI

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2776 wrote to memory of 4044	2776	rundll32.exe	85
PID 2776 wrote to memory of 4044	2776	rundll32.exe	85
PID 2776 wrote to memory of 4044	2776	rundll32.exe	85

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\d376164e377577fc590a780d15603d6411fde6e45ea21971670d5dff597d9def.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2776
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\d376164e377577fc590a780d15603d6411fde6e45ea21971670d5dff597d9def.dll,#1
  2⤵
  PID:4044