62684fc22836ec4cb8e1e12d4c3ed7454dd5c7b756610ecd9fae9d0165e851fc

Analysis

max time kernel
149s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
23-05-2024 00:30

Target

62684fc22836ec4cb8e1e12d4c3ed7454dd5c7b756610ecd9fae9d0165e851fc.dll
Size

424KB
MD5

88d5f01c223c61b8d33c916456a33650
SHA1

38d24400e8fdceecdfc8d49028a7b5191703c404
SHA256

62684fc22836ec4cb8e1e12d4c3ed7454dd5c7b756610ecd9fae9d0165e851fc
SHA512

bdea57e29847503a248f58f604000c88a988fadcb7baaab6040b5a18174eda105a3a3fc945ecf98a782e00fa6c3662b88a9f057970e92b0b7fcd8c2a447a334e
SSDEEP

6144:hzGfA7TNi73NuwFsEqWjU6HzGUtxWoYr4r+e5/qyYpWE0ao98bJ6zU6iT:sATNicEqWjU6iUtx5Yr4dtN8kzU9

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 4056 wrote to memory of 228	4056	rundll32.exe	rundll32.exe
PID 4056 wrote to memory of 228	4056	rundll32.exe	rundll32.exe
PID 4056 wrote to memory of 228	4056	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\62684fc22836ec4cb8e1e12d4c3ed7454dd5c7b756610ecd9fae9d0165e851fc.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4056

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\62684fc22836ec4cb8e1e12d4c3ed7454dd5c7b756610ecd9fae9d0165e851fc.dll,#1
2⤵
PID:228