Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/04/2024, 02:42

General

  • Target

    d240da440673332224bb33ac537913aa7b5c52d3d70dc1e4e95c454b59d22b51.dll

  • Size

    899KB

  • MD5

    ba2a614666af91c5f0921faddf13957b

  • SHA1

    21a9baa7c4887a2c7fdb5fbdccf42f4567d515cd

  • SHA256

    d240da440673332224bb33ac537913aa7b5c52d3d70dc1e4e95c454b59d22b51

  • SHA512

    e3e0b37d2942e29531a8b7be92d696ca3ad486b113a746207bb4fbc95bb72634aa5fc9b5ab9e05c934db2d124538f1d28aa562eca904befeb80d8b28a1096da8

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXM:7wqd87VM

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\d240da440673332224bb33ac537913aa7b5c52d3d70dc1e4e95c454b59d22b51.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4232
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\d240da440673332224bb33ac537913aa7b5c52d3d70dc1e4e95c454b59d22b51.dll,#1
      2⤵
      • Suspicious behavior: RenamesItself
      PID:2128

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads