Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    23/04/2024, 02:53

General

  • Target

    a36e69644b9a721d1750236a3f6f35fc6116eff53cd47cd0809262ccf48691f1.dll

  • Size

    899KB

  • MD5

    a0d095c1aef9901729c9873ebf235d74

  • SHA1

    4cdb3dad1b261390a5adfdea7e31c409afda5f3c

  • SHA256

    a36e69644b9a721d1750236a3f6f35fc6116eff53cd47cd0809262ccf48691f1

  • SHA512

    f3637899245bad8545bcca46a8ae7e68ea43fec388d51f4a3eafb8bab0c1d9d3196d4170ff0ee11a9cf4416a147ee0ff5078ebaa32162beb643e7cddcc79bfc1

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXC:7wqd87VC

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\a36e69644b9a721d1750236a3f6f35fc6116eff53cd47cd0809262ccf48691f1.dll,#1
    • Suspicious use of WriteProcessMemory
    PID:1152
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\a36e69644b9a721d1750236a3f6f35fc6116eff53cd47cd0809262ccf48691f1.dll,#1
      • Suspicious behavior: RenamesItself
      PID:1772

Network
