ea2b483c8d1ced4ee03439ead5cd3a3995eff041ee4b5bb02f621f92fd5b441c | Triage

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
24-05-2024 11:43

Sharing

Report Analysis Logs

General

Target

api-ms-win-core-datetime-l1-1-0.dll
Size

3KB
MD5

440bc90a65822fbd48c396db99146dde
SHA1

30f99a655a793d93b23bdb115a9e37f5fa77f02e
SHA256

ea2b483c8d1ced4ee03439ead5cd3a3995eff041ee4b5bb02f621f92fd5b441c
SHA512

41b967cc1a1baa6039b25bb50894ff6c38ca4ac8fd3baba3684d957f81375aaad53716edd1096167932742ec2d2e95ec1b138a00376cfc69f5eeb74730d2560e

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2004 wrote to memory of 3476	2004	rundll32.exe	82
PID 2004 wrote to memory of 3476	2004	rundll32.exe	82
PID 2004 wrote to memory of 3476	2004	rundll32.exe	82

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\api-ms-win-core-datetime-l1-1-0.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2004
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\api-ms-win-core-datetime-l1-1-0.dll,#1
  2⤵
  PID:3476

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads