6661a5f6f8766b2dbc2e7ec640b69887771a36eeed9a16887607131c19f5fec1

Analysis

max time kernel
130s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
21/05/2024, 05:33

Target

DialogBlockerProc.dll
Size

40KB
MD5

d4e035247c30b2fdf41aab4acad918c6
SHA1

2a344af8445b8c1b33873fbc3d5313358f2bea26
SHA256

6661a5f6f8766b2dbc2e7ec640b69887771a36eeed9a16887607131c19f5fec1
SHA512

49ee3c8493785040202b018451e07bbc6cc2410c13cacd1bc4a64aa24a640a60d416384ba22183c8a945437cdf4cbc7280e555c8431bd651ccaf9d8874e4c5fd
SSDEEP

768:gd1tuSf6RWVkW7Srrr7pkpFZLyG38joTrr4qI/dC/R2QFGqYbDM:gd1tuTRWVkW7yrXpknsGMjuYVQFGdDM

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1468 wrote to memory of 3844	1468	rundll32.exe	83
PID 1468 wrote to memory of 3844	1468	rundll32.exe	83
PID 1468 wrote to memory of 3844	1468	rundll32.exe	83

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\DialogBlockerProc.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1468
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\DialogBlockerProc.dll,#1
  2⤵
  PID:3844