9295066f78a2d3e9dfb9c2d2c1cca60b82c535fe55f05126d3568ee6e3ee2fb4

Analysis

max time kernel
92s
max time network
114s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
19/04/2024, 00:38

Target

9295066f78a2d3e9dfb9c2d2c1cca60b82c535fe55f05126d3568ee6e3ee2fb4.dll
Size

5KB
MD5

abe89157dcfb2f84a44a448d6856e187
SHA1

0050924bc7e6807eabb5d6c9506791913bdece37
SHA256

9295066f78a2d3e9dfb9c2d2c1cca60b82c535fe55f05126d3568ee6e3ee2fb4
SHA512

44e881e38c19eee4007cdf1d4ad4a4253c2c0bdf9e33d72e384e419d3f93eb5634918bc6affa6be79cba3988c0907d0e4e19a310198e78de16b6bae4876ff797
SSDEEP

96:DixZjmjtjd8jPjcZGR5TIw3CC9MRn9LinMNbYWB0I6Eesu:unSR6bgY+T9f

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2840 wrote to memory of 4548	2840	rundll32.exe	84
PID 2840 wrote to memory of 4548	2840	rundll32.exe	84
PID 2840 wrote to memory of 4548	2840	rundll32.exe	84

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\9295066f78a2d3e9dfb9c2d2c1cca60b82c535fe55f05126d3568ee6e3ee2fb4.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2840
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\9295066f78a2d3e9dfb9c2d2c1cca60b82c535fe55f05126d3568ee6e3ee2fb4.dll,#1
  2⤵
  PID:4548