Analysis
max time kernel: 117s
max time network: 123s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted: 27/05/2024, 12:11
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
WltRS.dll
Resource
win7-20240221-en
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
WltRS.dll
Resource
win10v2004-20240426-en
1 signatures
150 seconds
General
Target: WltRS.dll
Size: 88KB
MD5: d887febf95aa7be0325f470456f5c574
SHA1: ea53a070dcc44f1f53c4cab98900489ffd2902a3
SHA256: 6988c4744c6608e2fceebc6f9bab70cbfe11fa8fb2363b86e38263a35a632066
SHA512: c7e69bb5a24534edcd62ca90c62409c92f9a46595abe921e9edfdb46728ca24de4243a34d1faa74ee4d0bc800974a08c910d57a8542cfd5b96a19875d9ba5c3a
SSDEEP: 1536:eTykAlmv0DRjL3UcMpKbLFgTVUojV+ObNgjoKFoiI:edAlxFYRQvO5koKFoi
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
description | pid | Process | procid_target
PID 3016 wrote to memory of 2772 | 3016 | rundll32.exe | 28
PID 3016 wrote to memory of 2772 | 3016 | rundll32.exe | 28
PID 3016 wrote to memory of 2772 | 3016 | rundll32.exe | 28
PID 3016 wrote to memory of 2772 | 3016 | rundll32.exe | 28
PID 3016 wrote to memory of 2772 | 3016 | rundll32.exe | 28
PID 3016 wrote to memory of 2772 | 3016 | rundll32.exe | 28
PID 3016 wrote to memory of 2772 | 3016 | rundll32.exe | 28