1d41ee761f4b287ed35fc4fc7a46f953a37f6dc6ce7df14e6a622b0c642239fb

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
21/05/2024, 05:37

Target

cc3260.dll
Size

1.3MB
MD5

7087b160bab190e1bf37ce2d7d8a36bf
SHA1

ef546c5c2d76a0386a14ae26bb5d6ea018c80f3c
SHA256

1d41ee761f4b287ed35fc4fc7a46f953a37f6dc6ce7df14e6a622b0c642239fb
SHA512

009fd002363ae7c263c25aaf2fae4e19f19a53113690122d780265cb629b8c3902f54e3a09a4a5bb94dcbb845261051b33f9ac637304e2d7d2f9924682df5961
SSDEEP

12288:B0hTmAmETXGBCq2wVlhVr/Q2U4CNk0J5mzU04XErhvfnJO6+2VSruNXCwwwwwwwN:+hTmbxPhVjQnNr5m8E9JO6+4SruuZ7o

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 1916 wrote to memory of 2224	1916	rundll32.exe	28
PID 1916 wrote to memory of 2224	1916	rundll32.exe	28
PID 1916 wrote to memory of 2224	1916	rundll32.exe	28
PID 1916 wrote to memory of 2224	1916	rundll32.exe	28
PID 1916 wrote to memory of 2224	1916	rundll32.exe	28
PID 1916 wrote to memory of 2224	1916	rundll32.exe	28
PID 1916 wrote to memory of 2224	1916	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\cc3260.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1916
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\cc3260.dll,#1
  2⤵
  PID:2224