Analysis

  • max time kernel
    117s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    23-05-2024 12:12

General

  • Target

    DirectWriteForwarder.dll

  • Size

    498KB

  • MD5

    a4fbb20df26708545a2d5457c9390c6f

  • SHA1

    255daed711ef0811dd29f1f54cebd0a03dcc8b5f

  • SHA256

    6d14d8aa8dc7539ef0ad275a436e37cb0b67f6b2406638fece93eee419bcfdc1

  • SHA512

    3de61d39ac4dc1e048d9fe6dcc553139541043d37dbd44c0b2073ac59a919e6e11fa535ae1f4d51692a36ed99d7f5af028ddcdd01e9782db037268bdd2f7a791

  • SSDEEP

    6144:HtsL4Mi515WAQKe+xg3S0p67Vc646hSpvEoxIVfRvbaQj0gkjaCIBl+ygpZ+hElr:HtsL0NCf3BUjauoZFw9JTumHgoq2

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\DirectWriteForwarder.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1368
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\DirectWriteForwarder.dll,#1
      2⤵
        PID:2604

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads