8a5135713c1a6688b790f11fcfc9153ebb442cee6aa69ecff9e6afd097068a66 | Triage

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
08/06/2024, 12:39

Sharing

Report Analysis Logs

General

Target

TIENG32.dll
Size

317KB
MD5

63ebdcc2ea86671601af678535aaaf9d
SHA1

680d14d8ad355f542677c1f0ae02d2f6c7b08ba9
SHA256

4e261dcdf4eca118cf75c39b2f52d5b00888de820df9e4e868183a039f25e98b
SHA512

d105a4cb3e40bd1cbf18bf60335df54bc7b1f78a6af236bd1acbacbe2e1268b98b3331edae923a40b7db3de2393cc20e5209258b126116234dadcce1a4c203e4
SSDEEP

6144:uMGChuPY+MRkJypH6Gd6pv2GGq+7D/cDaTCi7vov:5zhuPwct4NWu0

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3312 wrote to memory of 4636	3312	rundll32.exe	81
PID 3312 wrote to memory of 4636	3312	rundll32.exe	81
PID 3312 wrote to memory of 4636	3312	rundll32.exe	81

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\TIENG32.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3312
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\TIENG32.dll,#1
  2⤵
  PID:4636

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads