Analysis

  • max time kernel
    147s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/04/2024, 02:37

General

  • Target

    2cc90226c7a77d9f706f063fb11acdc873ab761988561dc63998c73742d94c0f.dll

  • Size

    51KB

  • MD5

    0df7850634165b0d20c11255f96afc6c

  • SHA1

    1faf9f41e619285de84534a2bb5fdcf6093f6556

  • SHA256

    2cc90226c7a77d9f706f063fb11acdc873ab761988561dc63998c73742d94c0f

  • SHA512

    0946ccee58b6425b8f638e5f58bad5041d89e5ae949f111ea0a4bc293b6697b5192a60842a94286474c27bd60a4590343faa75333d71694704817b9d492ff6e9

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoLxJYH5:1dWubF3n9S91BF3fbo1JYH5

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\2cc90226c7a77d9f706f063fb11acdc873ab761988561dc63998c73742d94c0f.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2828
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\2cc90226c7a77d9f706f063fb11acdc873ab761988561dc63998c73742d94c0f.dll,#1
      2⤵
      • Suspicious behavior: RenamesItself
      PID:4280

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads