ea319d94a7389ae17ec402081cecf7c7e7cb62d9e68713ad982166895daa397a | Triage

Analysis

max time kernel
133s
max time network
103s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
21/05/2024, 05:49

Sharing

Report Analysis Logs

General

Target

aepic.dll
Size

202KB
MD5

9dd2671f68fa5195cf8867e33d30bef0
SHA1

500e296ddcd354d16c979143fa207d67ba7e9e34
SHA256

ea319d94a7389ae17ec402081cecf7c7e7cb62d9e68713ad982166895daa397a
SHA512

4fcf3348d79db52c519888de32aa789d6cd26301ad4092004fe5d110feff49815d2e9c3f9f099293d7442e592426c522f0b187ebec6d8349189cf4e90f795bc8
SSDEEP

6144:nAqgKikbFcD2oDoOZYzRCyi9FWvv5Hw9cINbCXzx8MknHlsqkKrQv:AqdiDRZYzRCyi9FWvv6uC2XF8M4H6XT

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2600 wrote to memory of 3472	2600	rundll32.exe	83
PID 2600 wrote to memory of 3472	2600	rundll32.exe	83
PID 2600 wrote to memory of 3472	2600	rundll32.exe	83

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\aepic.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2600
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\aepic.dll,#1
  2⤵
  PID:3472

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads