Analysis
max time kernel
12s
max time network
18s
platform
windows7_x64
resource
win7-20240221-en
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted
17-04-2024 01:26
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
combase_64.dll
Resource
win7-20240221-en
windows7-x64
1 signatures
1800 seconds
Behavioral task
behavioral2
Sample
combase_64.dll
Resource
win10v2004-20240412-en
windows10-2004-x64
23 signatures
1800 seconds
General
Target
combase_64.dll
Size
22.4MB
MD5
1e2ff3166098b56f236723397be67e3d
SHA1
6241a0a48b41cd0e04cf2e05917000c5c5f89561
SHA256
fa3550f2dd13a40dea30c659e1851bdf59364f68dc2b7be9067772117d6b0928
SHA512
b8762bed4f18796a6af76698ccf535be4d9c495217547c5879fc69d924265b41588f7f0fb55f8bdccc63f609e53a0d7b2637338b6daff313ced1e463288ad14a
SSDEEP
393216:j0kYUOCNzlDcMyY8vgoxT8X7lyBjmp2WEap1BaO1p8zm1HLUCPFXX9ev:prOC/Ce78xmp2WEap1GzAUC9n9ev
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 7 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 2696 wrote to memory of 1312 | 2696 | rundll32.exe | rundll32.exe
PID 2696 wrote to memory of 1312 | 2696 | rundll32.exe | rundll32.exe
PID 2696 wrote to memory of 1312 | 2696 | rundll32.exe | rundll32.exe
PID 2696 wrote to memory of 1312 | 2696 | rundll32.exe | rundll32.exe
PID 2696 wrote to memory of 1312 | 2696 | rundll32.exe | rundll32.exe
PID 2696 wrote to memory of 1312 | 2696 | rundll32.exe | rundll32.exe
PID 2696 wrote to memory of 1312 | 2696 | rundll32.exe | rundll32.exe