84adb676a165398ecc28b1fb941d334b393691b5fb4ae2eb32beb260fe8e760b

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
22-05-2024 23:51

Target

84adb676a165398ecc28b1fb941d334b393691b5fb4ae2eb32beb260fe8e760b.dll
Size

130KB
MD5

5c7847c1592bdc6a1603797f23eba069
SHA1

aafe58401307e1183bc1fe2eebd98000a881823a
SHA256

84adb676a165398ecc28b1fb941d334b393691b5fb4ae2eb32beb260fe8e760b
SHA512

0155c91438a886d9893e70cddf20f154481bd54d770ed47e43869864acef1264a553c3577c801e1ff3535e28effff0431e0f6bed37b25bb934df7d76e9937a4e
SSDEEP

1536:BYxaAJZO/JcR3RWZPjvgJ6pADFTFDNirTsIUgrbpYZnLB0zU19BEfi:BYsAq/C3RCzgJHvNA1PpY9L6zUzBEfi

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 2856 wrote to memory of 2056	2856	rundll32.exe	rundll32.exe
PID 2856 wrote to memory of 2056	2856	rundll32.exe	rundll32.exe
PID 2856 wrote to memory of 2056	2856	rundll32.exe	rundll32.exe
PID 2856 wrote to memory of 2056	2856	rundll32.exe	rundll32.exe
PID 2856 wrote to memory of 2056	2856	rundll32.exe	rundll32.exe
PID 2856 wrote to memory of 2056	2856	rundll32.exe	rundll32.exe
PID 2856 wrote to memory of 2056	2856	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\84adb676a165398ecc28b1fb941d334b393691b5fb4ae2eb32beb260fe8e760b.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2856
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\84adb676a165398ecc28b1fb941d334b393691b5fb4ae2eb32beb260fe8e760b.dll,#1
  2⤵
  PID:2056