Analysis
max time kernel: 121s
max time network: 124s
platform: windows7_x64
resource: win7-20240508-en
resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
submitted: 27/05/2024, 11:40
Static task
static1
Signatures: 1

Behavioral task
behavioral1
Sample: FlyTcpFramework.dll
Resource: win7-20240508-en
Signatures: 1
Duration: 150 seconds

Behavioral task
behavioral2
Sample: FlyTcpFramework.dll
Resource: win10v2004-20240226-en
Signatures: 1
Duration: 150 seconds
General
Target: FlyTcpFramework.dll
Size: 28KB
MD5: 690d3f6d09df8e40b597e38662977b07
SHA1: 1349ab8047834dd57af6e707df4a0f6d0ca3fe0e
SHA256: 32786b14b17cdf83c54b9d097d8e7d6169e14dcd8065ae224da93d9e34398f49
SHA512: fb4aa17632836a005b7a66ff49784f61a1cf838cd88918fdd4df0bf6b48db0b5ef43d87731698922a63ddf6f07da4a6126a6254332d5920d3c04505c2cd80929
SSDEEP: 384:OI+F9dLUbpONLXpn+Vvjbv4Ml19OytyBC2fZp:grFNLXpibPTOXzfX
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)

description                          pid   Process       procid_target
PID 1244 wrote to memory of 2228     1244  rundll32.exe  28
PID 1244 wrote to memory of 2228     1244  rundll32.exe  28
PID 1244 wrote to memory of 2228     1244  rundll32.exe  28
PID 1244 wrote to memory of 2228     1244  rundll32.exe  28
PID 1244 wrote to memory of 2228     1244  rundll32.exe  28
PID 1244 wrote to memory of 2228     1244  rundll32.exe  28
PID 1244 wrote to memory of 2228     1244  rundll32.exe  28