fbb193aa2abd690cc7de90294297db1ced27d24416a4acd3d987c056d8f91874

Analysis

max time kernel
117s
max time network
119s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
28-05-2024 12:58

Target

fbb193aa2abd690cc7de90294297db1ced27d24416a4acd3d987c056d8f91874.dll
Size

150KB
MD5

71933cbe67b737e34a55da856a51a59e
SHA1

61c9d2a4eb29fc445603c99c7be7929905aac6e2
SHA256

fbb193aa2abd690cc7de90294297db1ced27d24416a4acd3d987c056d8f91874
SHA512

e2668933545842d052df7f7f7417b7b4d627f879dd01c72775c85f73901de1e6b08230c38ee5e77941087c69288016c6d442793074d5f0de76ac7e8240a2c3e1
SSDEEP

1536:KNtJIsLJasQN0rcGda7mh3rBP/Gc75i0YGZPERbEYl/9dq1X6Yfi:KN0spknYhNP/x10Lq1X3fi

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2204 wrote to memory of 2956	2204	rundll32.exe	28
PID 2204 wrote to memory of 2956	2204	rundll32.exe	28
PID 2204 wrote to memory of 2956	2204	rundll32.exe	28
PID 2204 wrote to memory of 2956	2204	rundll32.exe	28
PID 2204 wrote to memory of 2956	2204	rundll32.exe	28
PID 2204 wrote to memory of 2956	2204	rundll32.exe	28
PID 2204 wrote to memory of 2956	2204	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\fbb193aa2abd690cc7de90294297db1ced27d24416a4acd3d987c056d8f91874.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2204
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\fbb193aa2abd690cc7de90294297db1ced27d24416a4acd3d987c056d8f91874.dll,#1
  2⤵
  PID:2956