96e5752c9b7100d2fec1edd32dd20c29290611727a2a31d4980a8bbf28534b19

Analysis

max time kernel
150s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
05/05/2024, 02:11

Target

96e5752c9b7100d2fec1edd32dd20c29290611727a2a31d4980a8bbf28534b19.dll
Size

6KB
MD5

26e537c8592b0c81df714f4681923e4f
SHA1

a6131fa636e5f14dbe8f699f9d9ba63c1281392e
SHA256

96e5752c9b7100d2fec1edd32dd20c29290611727a2a31d4980a8bbf28534b19
SHA512

56649ef6889697939da9175ef81ab30fd107593399438663a48fef75c0005f767bfb743655247dbf8f818f7e7fc3887f318e119ffc2aa925c85eb934ec2a8eac
SSDEEP

192:EHRh1epppDiVT8XMUUATLEzHTn1LuCQgMlYTNWdR:EHRObDi12ZY1qbT6T6R

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2712 wrote to memory of 3592	2712	rundll32.exe	85
PID 2712 wrote to memory of 3592	2712	rundll32.exe	85
PID 2712 wrote to memory of 3592	2712	rundll32.exe	85

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\96e5752c9b7100d2fec1edd32dd20c29290611727a2a31d4980a8bbf28534b19.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2712
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\96e5752c9b7100d2fec1edd32dd20c29290611727a2a31d4980a8bbf28534b19.dll,#1
  2⤵
  PID:3592