6e83e0c682d0323703eb728f80cf43c0d88c8d06af7021176b7d7e1762ba78b1

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
05-05-2024 05:44

Target

Deceit ЧИТ/Cheat/DRANKDAD V2_[unknowncheats.me]_.dll
Size

175KB
MD5

5c17e6c933d508a29c211834aa615948
SHA1

708f75eb853663a29fa7ce150e168a118c6a23ce
SHA256

2f33840a3639f89a6fdb2b9d0c374876baf855b984e1489f775fcc50e8c42047
SHA512

30d46f8422d2fcefaa3b990ec1ededa1210f02b6d1e59fb6d94f72067ab6c365aaf5476f7ad9ac3ebcc718c7885ce20789cc7de385de093e7b7b41e3bb2f9d95
SSDEEP

3072:98Syzk4z6KngS5CenLRHSTKzf7L0685knYVepJsmT2H/ubyPT3J0M57juTnGO50l:98SpDKngS5CenLRHSTKzf7L0685OYVeu

Score

1^/10

Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes:

rundll32.exe

pid process

1044 rundll32.exe

pid	process
1044	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Deceit ЧИТ\Cheat\DRANKDAD V2_[unknowncheats.me]_.dll",#1
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:1044