Analysis

  • max time kernel
    148s
  • max time network
    137s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/04/2024, 12:38

General

  • Target

    5e360e553618286f86bb80ec3cd2e29c0cd138f2557985a694752c2f15ea1be8.dll

  • Size

    51KB

  • MD5

    e68ac1f0006eab50c59bba83e42f6f67

  • SHA1

    8f4cd251e53bb400c8f690eee8c435801ba61299

  • SHA256

    5e360e553618286f86bb80ec3cd2e29c0cd138f2557985a694752c2f15ea1be8

  • SHA512

    c3e7399c1fd5c42423d31744b4f5775de925e53e36bbe846b5dabf82691ac1739bb9b9c892c6c858eddf24491a66b0a810463cfec9b77c49c76dd6910a3f72ac

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL0JYH5:1dWubF3n9S91BF3fboQJYH5

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\5e360e553618286f86bb80ec3cd2e29c0cd138f2557985a694752c2f15ea1be8.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:760
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\5e360e553618286f86bb80ec3cd2e29c0cd138f2557985a694752c2f15ea1be8.dll,#1
      2⤵
      • Suspicious behavior: RenamesItself
      PID:1772

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads