Analysis

  • max time kernel
    1s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win11-20240611-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    12/06/2024, 20:19

General

  • Target

    v2.4/symsrv.dll

  • Size

    136KB

  • MD5

    54559270b6e12274e07fb547aa415fd4

  • SHA1

    d676a5c42874d6b69bbf7c950f404d7f0bf20ed2

  • SHA256

    cc36f89b0fd793f1cd189c68f6f430f934ae9c9e23871739de09c84f67035183

  • SHA512

    17e6a29ef00971ef2796e18a5e9f33950e9f7ddb25ea6e9f0eed082eb8aa4dd7366c795fcbf6c6fa19a4e47ef3c8f6244202f65915c4accb02941bbc40500f66

  • SSDEEP

    3072:cPeB8Zm6xTuaTe5l477ZhB59X5Z4B8RlgGUmh9AD/tA25P:y3UaPF8Bk+GUs9AD1AoP

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\v2.4\symsrv.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2316
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\v2.4\symsrv.dll,#1
      2⤵
        PID:1844

    Network

    MITRE ATT&CK Matrix
