Analysis

  • max time kernel
    148s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    18-04-2024 02:23

General

  • Target

    014960b00621ead2d2267bad617a74e9.dll

  • Size

    152KB

  • MD5

    014960b00621ead2d2267bad617a74e9

  • SHA1

    640534106af63ee5cff7718aee5c459ee5cd609f

  • SHA256

    69cbdb401d6c03f3d64b3bf48d527cb4bf507952f34b170a3d020707fc4ff7be

  • SHA512

    23c05ab73f21fd99abc965afbfd4f583b176fa345cdefe45c087cd53f355a735f7001f7c86ddc880bdd4642de7dd93b530687c4193c03d3eb0832d8e973cbdf3

  • SSDEEP

    3072:ZwIlou75k4WvRcdqFfn7N1HGXyyf/dBWrr4IHtTBf9av9w956frb:WKN75k1NFf7N1HGXyyN0IIHtTB41w9wD

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\014960b00621ead2d2267bad617a74e9.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\014960b00621ead2d2267bad617a74e9.dll,#1
      2⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:1672

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads