Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/04/2024, 02:54

General

  • Target

    ee146401dbd963929a152c40891602acb4b34364e21e1972cb13f9d3a968fe9f.dll

  • Size

    899KB

  • MD5

    94ec58b425c30fac4bd65e3a0fac29a1

  • SHA1

    0ed5ffa67adebcf20fab6511e4bdc3ceb21ab619

  • SHA256

    ee146401dbd963929a152c40891602acb4b34364e21e1972cb13f9d3a968fe9f

  • SHA512

    f47bbd4ab172697938cc0d9c1a7ccb390d29e4d7f7ed78d498d86c0d3b33538e3bfe4a94ab6e4fa1f61499ec64dbe7791f52da969de08f52ce072e499b7fccbc

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXt:7wqd87Vt

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\ee146401dbd963929a152c40891602acb4b34364e21e1972cb13f9d3a968fe9f.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4076
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\ee146401dbd963929a152c40891602acb4b34364e21e1972cb13f9d3a968fe9f.dll,#1
      2⤵
      • Suspicious behavior: RenamesItself
      PID:2276

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads