Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    21-05-2024 05:32

General

  • Target

    fwsc.dll

  • Size

    13KB

  • MD5

    9f7c218922b9f7769481318324a3c0b2

  • SHA1

    a1e53b7f364acabf022493c0db1210c99fa1541b

  • SHA256

    f96c1f5a6d0c1713df7a5e329c7dbe8d07628514fb5d8b33d0b1970ae33beb96

  • SHA512

    fa5700ac5af76eb58cc8e6b8399366ce58247dd797ad0af913409a93e626780202144184e2bd1808331da551d3c00dc1e11dc70d109710158d735f95feb4a994

  • SSDEEP

    192:I/I/OiRQXaGnED1WqIkIE1iY0/Ic1+AMHhoUqkVucA8LBOxx:3/sqGSvPhiYoIcgA9YV+L

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\fwsc.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:112
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\fwsc.dll,#1
      2⤵
      • Suspicious use of SetWindowsHookEx
      PID:736

Network

MITRE ATT&CK Matrix
