efce42f39fede0654458464e691d466902966fe7f6ff2edeb82dc81f4e3dbae7

Analysis

max time kernel
135s
max time network
125s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
21/05/2024, 05:56

Target

IdCtrls.dll
Size

96KB
MD5

9fdf4b8889c988bb56a76665d83f21d5
SHA1

1770ab63281d0c3017647f62e1c9553f46b6e5df
SHA256

efce42f39fede0654458464e691d466902966fe7f6ff2edeb82dc81f4e3dbae7
SHA512

08a6dd1de78860de6b41398c401b7c737863b1e757b3bc8e795ecbac440eb19ad877770ba0f68d45e6cb2fa71b77c273ad84fb28f7f49b9611ef9632ec40238f
SSDEEP

1536:TxVplnAM/MA+sghRsXlkMVQDvssN7RjDVyJdhEjItaY889pG783aEV1yLKQFbQCJ:9VplnAMsRq3VGksN7Q+kaKZJFoh

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2220 wrote to memory of 1524	2220	rundll32.exe	83
PID 2220 wrote to memory of 1524	2220	rundll32.exe	83
PID 2220 wrote to memory of 1524	2220	rundll32.exe	83

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\IdCtrls.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2220
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\IdCtrls.dll,#1
  2⤵
  PID:1524