Analysis

  • max time kernel
    135s
  • max time network
    104s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240426-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    26/05/2024, 03:16

General

  • Target

    d17348c3548f5bf91c44d466832cc40ef462cf312df878347d989c265c3b7cd7.dll

  • Size

    329KB

  • MD5

    1f0ed273650f15a16fd97d4219b0e31c

  • SHA1

    357c5962c2e33ea0f08a4e8f936dc74f0d08bd7f

  • SHA256

    d17348c3548f5bf91c44d466832cc40ef462cf312df878347d989c265c3b7cd7

  • SHA512

    fbff8a50bd52cd14ed372d1f728cfb34b6e2bd6277be51890c15d0621c1f355c35639cfa8cb713efe7e52457942c7eb870d77050cbce0e99d3c7e3de00532c63

  • SSDEEP

    6144:RmWhxR1arY/PbgmFOabPIIBhJXAv7eTY9suz0xhttGSrDKE3KIvSka8br:RmWTR1arYnEKosuzY34CZ3DvSkN

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\d17348c3548f5bf91c44d466832cc40ef462cf312df878347d989c265c3b7cd7.dll,#1
    • Suspicious use of WriteProcessMemory
    PID:4600
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\d17348c3548f5bf91c44d466832cc40ef462cf312df878347d989c265c3b7cd7.dll,#1
        PID:3476
