55dd41e0614ba9b4406c926cc1fd970351d14d11552f3a85d522af46b0a49e46

Analysis

max time kernel
119s
max time network
126s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
18-05-2024 17:38

Target

SynapseX revamaped V1.2/bin/libcef.dll
Size

96.9MB
MD5

8c51876f1b5dfbf4964732a65c1f2724
SHA1

ed5653a3a5655ba65d6221285da93799bd2517f9
SHA256

5ae7eff0a7b91e54d211046111d088ed8820793c97ee689f20371c356af6b46e
SHA512

a4bb49b64b58767fcaf5b3b889a63c0917d56c59dd48283539903a6856caf69c5ce35655e68ef8bdad1e9bc80002fd2f68fc1e46977ba68926f7a731904a7884
SSDEEP

1572864:lb59MmGrsAYmjVqbriV20b2JNBXL2k3E15gwfIydR+RP9FmBi53BpKs0G0e9qMLX:X9MuMjUH62J6Sw/sM6

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 1044 wrote to memory of 2384	1044	rundll32.exe	rundll32.exe
PID 1044 wrote to memory of 2384	1044	rundll32.exe	rundll32.exe
PID 1044 wrote to memory of 2384	1044	rundll32.exe	rundll32.exe
PID 1044 wrote to memory of 2384	1044	rundll32.exe	rundll32.exe
PID 1044 wrote to memory of 2384	1044	rundll32.exe	rundll32.exe
PID 1044 wrote to memory of 2384	1044	rundll32.exe	rundll32.exe
PID 1044 wrote to memory of 2384	1044	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\SynapseX revamaped V1.2\bin\libcef.dll",#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1044

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\SynapseX revamaped V1.2\bin\libcef.dll",#1
2⤵
PID:2384