cbd33d7ba3b8ef4562c696e1b70b5e71faded4cfb6b18b5f4c3d2eae20abf872

Analysis

max time kernel
134s
max time network
143s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
26/04/2024, 14:21

Target

NetflixCE V4/NetflixCE/libmikmod32.dll
Size

300KB
MD5

462322cc93e55016d5ea78b2b9823657
SHA1

3e8e00b690a4370d6f2dfdcf730f2d3fda4806a6
SHA256

aedc048fcfec594e7307e4730d850e5e0121820a76ca1a363f4a2e41d084f393
SHA512

a46e56130a8d1ca588d9935d98468543328b42492f1257157d2c7fd99ac341e8a22337ac2228aecf33a70913a7e7161b300bb458e1c07d5d0b94a7aa1dd72d79
SSDEEP

3072:3QMsoykzuYV4SPaa/Gr+RBmRQ5wipE04CIcFw6eAwE5Sm1Q5jsV+XkO4qOT:3NJyTuxkC57IZEzGmT

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4264 wrote to memory of 2924	4264	rundll32.exe	73
PID 4264 wrote to memory of 2924	4264	rundll32.exe	73
PID 4264 wrote to memory of 2924	4264	rundll32.exe	73

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\NetflixCE V4\NetflixCE\libmikmod32.dll",#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4264
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe "C:\Users\Admin\AppData\Local\Temp\NetflixCE V4\NetflixCE\libmikmod32.dll",#1
  2⤵
  PID:2924