97ff8d0db6ef32b1d7bda6d0ca4077ca77b77397b0bd8fb57df47798e85afb15 | Triage

Analysis

max time kernel
131s
max time network
107s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
23/05/2024, 11:43

Sharing

Report Analysis Logs

General

Target

Common.dll
Size

2.0MB
MD5

c55fb527b6f17c1108d4feb05783ff44
SHA1

c62fcff2d22ad401cd6be1427908eb8ff14713a6
SHA256

97ff8d0db6ef32b1d7bda6d0ca4077ca77b77397b0bd8fb57df47798e85afb15
SHA512

eb0007f2dd7e731f9e7ca8ab2dfafa3d96f630cea58dcf440ff1ed43ddf41f8b3b0960dec9195aea4d37be68bfa663a4b732a01edefe9a0f38376b1823e4011a
SSDEEP

49152:Su49Lc+YiPA+YiPf+YiP3+YiP3+YiP3+YiPQrG1G:S

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1944 wrote to memory of 5040	1944	rundll32.exe	83
PID 1944 wrote to memory of 5040	1944	rundll32.exe	83
PID 1944 wrote to memory of 5040	1944	rundll32.exe	83

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Common.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1944
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\Common.dll,#1
  2⤵
  PID:5040

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads