Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
23-05-2024 12:09
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
OpenForYouyi.dll
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
OpenForYouyi.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
OpenForYouyi.dll
-
Size
2.2MB
-
MD5
9023e6538859323de03668f0ea5b0543
-
SHA1
6aa942090213202a2476341e1ea19b530fdc62fe
-
SHA256
afc11719f08090f7ecec2b979935d7d3c6c3a9810ec01d2edc18c763d7f02da7
-
SHA512
8d74a876afc183e95bd6f91e2cbc817a89cce519baabd302af17f9e98213147fd0ca480e593b225ae54007a777736367fe6ff67863660a79cd0aa5530dccc313
-
SSDEEP
24576:OaUk9F7dN9/VQc5xaNHSfcb6/GqOu4vL:Ik9F7dN9/VxPfcbSG9fv
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 2188 wrote to memory of 1708 2188 rundll32.exe 28 PID 2188 wrote to memory of 1708 2188 rundll32.exe 28 PID 2188 wrote to memory of 1708 2188 rundll32.exe 28 PID 2188 wrote to memory of 1708 2188 rundll32.exe 28 PID 2188 wrote to memory of 1708 2188 rundll32.exe 28 PID 2188 wrote to memory of 1708 2188 rundll32.exe 28 PID 2188 wrote to memory of 1708 2188 rundll32.exe 28