356b5fc3f9f175eac8390ace59bd731c18c9b86b7d656a0985caecd6865e9f7b

Analysis

max time kernel
121s
max time network
125s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
22-05-2024 20:35

Target

356b5fc3f9f175eac8390ace59bd731c18c9b86b7d656a0985caecd6865e9f7b.dll
Size

59KB
MD5

a6efec55fbd8408b816dcefe443bde60
SHA1

3c3b4704c55540468ce4b1b9a7299f50e6104a47
SHA256

356b5fc3f9f175eac8390ace59bd731c18c9b86b7d656a0985caecd6865e9f7b
SHA512

d4a6b1a7d4a7278be9e8763081e94d3a1fcb4b3244d79f6ea3e037ac37310ca06ca11a40d141f8e0b39cd42563fab4ca8c6b5bcbca4813c6592d48b876a3d106
SSDEEP

768:vAAp38DU1c60iaOIiQClgwrsu6rF7/Xutv8RwkXd94c6B3tH++vuARr:xz0iSaDru7/+PeBar

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 2224 wrote to memory of 2228	2224	rundll32.exe	rundll32.exe
PID 2224 wrote to memory of 2228	2224	rundll32.exe	rundll32.exe
PID 2224 wrote to memory of 2228	2224	rundll32.exe	rundll32.exe
PID 2224 wrote to memory of 2228	2224	rundll32.exe	rundll32.exe
PID 2224 wrote to memory of 2228	2224	rundll32.exe	rundll32.exe
PID 2224 wrote to memory of 2228	2224	rundll32.exe	rundll32.exe
PID 2224 wrote to memory of 2228	2224	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\356b5fc3f9f175eac8390ace59bd731c18c9b86b7d656a0985caecd6865e9f7b.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2224

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\356b5fc3f9f175eac8390ace59bd731c18c9b86b7d656a0985caecd6865e9f7b.dll,#1
2⤵
PID:2228