Analysis
- max time kernel: 118s
- max time network: 119s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
- submitted: 21-05-2024 14:35
Behavioral task: behavioral1
- Sample: ad5c8465806dd0e49b5d12671473628e076e1744cdb9c9fa3638164778fd3ed6.dll
- Resource: win7-20240221-en (windows7-x64)
- 1 signatures
- 150 seconds
Behavioral task: behavioral2
- Sample: ad5c8465806dd0e49b5d12671473628e076e1744cdb9c9fa3638164778fd3ed6.dll
- Resource: win10v2004-20240508-en (windows10-2004-x64)
- 1 signatures
- 150 seconds
General
- Target: ad5c8465806dd0e49b5d12671473628e076e1744cdb9c9fa3638164778fd3ed6.dll
- Size: 164KB
- MD5: bbe723936dab9bf9fd0fa11c454a58bb
- SHA1: 9d5568f74c5fa469357894ad6c16bb8f916ef285
- SHA256: ad5c8465806dd0e49b5d12671473628e076e1744cdb9c9fa3638164778fd3ed6
- SHA512: 50717ecbaafaabad36b9120677d104076ee646934b91ebb427750f11285093852cb502a16f778dea67d4432efa55c8f6550194db7b8045ebb08f79c235442b48
- SSDEEP: 3072:fSSUeSlj8AcWqtGxtb9mO69mfXsR/tcV:fSwSlj8Kqtiga
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (7 IoCs)
  Processes: rundll32.exe
  description | pid | process | target process
  PID 2276 wrote to memory of 2304 | 2276 | rundll32.exe | rundll32.exe
  PID 2276 wrote to memory of 2304 | 2276 | rundll32.exe | rundll32.exe
  PID 2276 wrote to memory of 2304 | 2276 | rundll32.exe | rundll32.exe
  PID 2276 wrote to memory of 2304 | 2276 | rundll32.exe | rundll32.exe
  PID 2276 wrote to memory of 2304 | 2276 | rundll32.exe | rundll32.exe
  PID 2276 wrote to memory of 2304 | 2276 | rundll32.exe | rundll32.exe
  PID 2276 wrote to memory of 2304 | 2276 | rundll32.exe | rundll32.exe
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad5c8465806dd0e49b5d12671473628e076e1744cdb9c9fa3638164778fd3ed6.dll,#1
  - Suspicious use of WriteProcessMemory
  PID:2276
  - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\ad5c8465806dd0e49b5d12671473628e076e1744cdb9c9fa3638164778fd3ed6.dll,#1
    PID:2304