55ec70be2215a22b639b5cdc07f3bf8b71354c72b9edbc9a7a76907cf69352f7

Analysis

max time kernel
119s
max time network
121s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
15-05-2024 22:12

Target

55ec70be2215a22b639b5cdc07f3bf8b71354c72b9edbc9a7a76907cf69352f7.dll
Size

81KB
MD5

c9f3c5ea278dadcd1f19f4d986e2a28c
SHA1

d603c3453c74fb1d84b5dd03243513c1951e3386
SHA256

55ec70be2215a22b639b5cdc07f3bf8b71354c72b9edbc9a7a76907cf69352f7
SHA512

5317ee9483ea5b37287b55f4a860d1840f24957cca0dc9e6d6b6c80795aa5538a879aa926e14e4cf32c56446ca4e777cae3e4417001f6c82db89cbcbe60ea649
SSDEEP

1536:XtByXv7uWGEqXZKXTadSp7Lxw9zzBPw+iASUSFOj8sWHcdF7zenq8WY:X4v4JKXTx71w0ArSsXF3enq8WY

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 1844 wrote to memory of 1624	1844	rundll32.exe	rundll32.exe
PID 1844 wrote to memory of 1624	1844	rundll32.exe	rundll32.exe
PID 1844 wrote to memory of 1624	1844	rundll32.exe	rundll32.exe
PID 1844 wrote to memory of 1624	1844	rundll32.exe	rundll32.exe
PID 1844 wrote to memory of 1624	1844	rundll32.exe	rundll32.exe
PID 1844 wrote to memory of 1624	1844	rundll32.exe	rundll32.exe
PID 1844 wrote to memory of 1624	1844	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\55ec70be2215a22b639b5cdc07f3bf8b71354c72b9edbc9a7a76907cf69352f7.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1844

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\55ec70be2215a22b639b5cdc07f3bf8b71354c72b9edbc9a7a76907cf69352f7.dll,#1
2⤵
PID:1624