c4b4cf01d4bc1a94113403919e08608ca19e49221d0eb4777c4ec00e7968697c

Analysis

max time kernel
132s
max time network
100s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
04-05-2024 07:18

Target

c4b4cf01d4bc1a94113403919e08608ca19e49221d0eb4777c4ec00e7968697c.dll
Size

1.3MB
MD5

6156fe06c21bbb0161b3dae419f387a7
SHA1

6715088b9b0008e46592ce787a1a8a0f6665e5e2
SHA256

c4b4cf01d4bc1a94113403919e08608ca19e49221d0eb4777c4ec00e7968697c
SHA512

d71e8d609cc8f422291c87b449abcfd5f7600cf6805df6a06d2eac41e95a9aed853e019bb72df49bf30b815adf8019a929d06942ae7fc34bc7759012541f5fb3
SSDEEP

24576:YETgmHzfe71hLXFkqXdG7pdTUYO4AzDAI7qrEH7JQU:YEpHzm7CqXdGldTUYCzDA+3QU

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4044 wrote to memory of 744	4044	rundll32.exe	84
PID 4044 wrote to memory of 744	4044	rundll32.exe	84
PID 4044 wrote to memory of 744	4044	rundll32.exe	84

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\c4b4cf01d4bc1a94113403919e08608ca19e49221d0eb4777c4ec00e7968697c.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4044
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\c4b4cf01d4bc1a94113403919e08608ca19e49221d0eb4777c4ec00e7968697c.dll,#1
  2⤵
  PID:744