fccb0fa7ef84ad06529c922012fe6256fc34779d2142490e69afa6685238f5c3

Analysis

max time kernel
118s
max time network
118s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
01/05/2024, 05:26

Target

fccb0fa7ef84ad06529c922012fe6256fc34779d2142490e69afa6685238f5c3.dll
Size

81KB
MD5

6292bdf40da335f953ff1e468deac5cd
SHA1

2050b8a61def4490f48849cf2bf0ce42fab2e08a
SHA256

fccb0fa7ef84ad06529c922012fe6256fc34779d2142490e69afa6685238f5c3
SHA512

c87cf79201daae51203d0b2378a0b3031b9d109f4267f478d20c1a0d397babbfac58b4eac47ff8567cf4e22ba16061764e3b737c7a3e7687638295117697ad52
SSDEEP

1536:AByXv7uWGEqXZKXTadSp7Lxw9zzBPw+NASUSFOj8sWHcdF6+eXq8WL:dv4JKXTx71wnArSsXFpeXq8WL

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2344 wrote to memory of 2360	2344	rundll32.exe	28
PID 2344 wrote to memory of 2360	2344	rundll32.exe	28
PID 2344 wrote to memory of 2360	2344	rundll32.exe	28
PID 2344 wrote to memory of 2360	2344	rundll32.exe	28
PID 2344 wrote to memory of 2360	2344	rundll32.exe	28
PID 2344 wrote to memory of 2360	2344	rundll32.exe	28
PID 2344 wrote to memory of 2360	2344	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\fccb0fa7ef84ad06529c922012fe6256fc34779d2142490e69afa6685238f5c3.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2344
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\fccb0fa7ef84ad06529c922012fe6256fc34779d2142490e69afa6685238f5c3.dll,#1
  2⤵
  PID:2360