Analysis
max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted
11-05-2024 08:14
Behavioral task
behavioral1
Sample
a3055fab9906b7eed61cec235cb8d53720fcede6df5a6573615093138abef1e3.dll
Resource
win7-20240221-en
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
a3055fab9906b7eed61cec235cb8d53720fcede6df5a6573615093138abef1e3.dll
Resource
win10v2004-20240426-en
2 signatures
150 seconds
General
Target
a3055fab9906b7eed61cec235cb8d53720fcede6df5a6573615093138abef1e3.dll
Size
164KB
MD5
119a205e27d9c9e864f3a5b2c91cca02
SHA1
cc388a0c3643c5f5b039d5284237a38d74ae21b5
SHA256
a3055fab9906b7eed61cec235cb8d53720fcede6df5a6573615093138abef1e3
SHA512
97f0ed7977d30cecd625c5bbc33e0e2cc7ae80b9d6e43f7cd21796817deb3aaa0e5dbb8049429872b67f31cee426642d6671709e67f59806e5846bbb0bba7ae3
SSDEEP
3072:vJgI/GkzG1mxLhbkBPYa6KDKtYTwyEmH+7rg8XK43QAh3U:qyzGa4P56SKKTwXmH2MTJ03U
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 7 IoCs
Processes:
rundll32.exe
description | pid | process | target process
PID 2020 wrote to memory of 2488 | 2020 | rundll32.exe | rundll32.exe
PID 2020 wrote to memory of 2488 | 2020 | rundll32.exe | rundll32.exe
PID 2020 wrote to memory of 2488 | 2020 | rundll32.exe | rundll32.exe
PID 2020 wrote to memory of 2488 | 2020 | rundll32.exe | rundll32.exe
PID 2020 wrote to memory of 2488 | 2020 | rundll32.exe | rundll32.exe
PID 2020 wrote to memory of 2488 | 2020 | rundll32.exe | rundll32.exe
PID 2020 wrote to memory of 2488 | 2020 | rundll32.exe | rundll32.exe
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\a3055fab9906b7eed61cec235cb8d53720fcede6df5a6573615093138abef1e3.dll,#1
- Suspicious use of WriteProcessMemory
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\a3055fab9906b7eed61cec235cb8d53720fcede6df5a6573615093138abef1e3.dll,#1