a75fca78584e52d16d43d57e475f5b406b4f31a3339dfc3d9f328bf5e7efa898

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
23-05-2024 01:28

Target

a75fca78584e52d16d43d57e475f5b406b4f31a3339dfc3d9f328bf5e7efa898.dll
Size

329KB
MD5

36cd019367b552adc2ba7ae1be55790a
SHA1

1d49921661d10110df4a0a1f40ddc0e421c94309
SHA256

a75fca78584e52d16d43d57e475f5b406b4f31a3339dfc3d9f328bf5e7efa898
SHA512

01660d539825d8d8d65c19ff8c4909423b5cbabb25a059006f4fbcf2cb526985639023043eec4aa1894f37d831af8f33ad8473e1cce323e4b763d296ad786117
SSDEEP

6144:smWicfSPyXTnkl+r+MHLt8TaggWQI9TXS0osg:smWip2TnGC+MHL2mgiIFXS0

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 2220 wrote to memory of 2176	2220	rundll32.exe	rundll32.exe
PID 2220 wrote to memory of 2176	2220	rundll32.exe	rundll32.exe
PID 2220 wrote to memory of 2176	2220	rundll32.exe	rundll32.exe
PID 2220 wrote to memory of 2176	2220	rundll32.exe	rundll32.exe
PID 2220 wrote to memory of 2176	2220	rundll32.exe	rundll32.exe
PID 2220 wrote to memory of 2176	2220	rundll32.exe	rundll32.exe
PID 2220 wrote to memory of 2176	2220	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\a75fca78584e52d16d43d57e475f5b406b4f31a3339dfc3d9f328bf5e7efa898.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2220

C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\a75fca78584e52d16d43d57e475f5b406b4f31a3339dfc3d9f328bf5e7efa898.dll,#1
2⤵
PID:2176