Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    15-04-2024 21:11

General

  • Target

    d0687f47a1b2b1b9cf568a53f22e4af40bb2dbec2eb1fe7e1a4d576a0b4dd441.dll

  • Size

    385KB

  • MD5

    64a5bc21363a40a640c5c6ded9e88a77

  • SHA1

    9a386da54971628fa7746494e4f5d103e60304e5

  • SHA256

    d0687f47a1b2b1b9cf568a53f22e4af40bb2dbec2eb1fe7e1a4d576a0b4dd441

  • SHA512

    84b0196443ac8825bdd5d6bb3e5a0a638d39c6b72318cbb3a3dc0a3dee0833f9fab6a2e12003fc488e5df0aaba88c25e58083c960c42229c0113e540656c4c01

  • SSDEEP

    3072:2OXYdgV+doY5P7Z1SGhHcKpknnhBPogsDAUEXfMu9py4JZ9q91:2Ood7/SuGhBPnsEUofhPq91

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\d0687f47a1b2b1b9cf568a53f22e4af40bb2dbec2eb1fe7e1a4d576a0b4dd441.dll,#1
    • Suspicious use of WriteProcessMemory
    PID:2236
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\d0687f47a1b2b1b9cf568a53f22e4af40bb2dbec2eb1fe7e1a4d576a0b4dd441.dll,#1
        PID:2232

    Network

    MITRE ATT&CK Matrix
