86e513547e1ef19f57bbec79924ac4f63231decbfefc76b188ecca3aafcbfd44

Analysis

max time kernel
147s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
14-06-2024 23:26

Target

86e513547e1ef19f57bbec79924ac4f63231decbfefc76b188ecca3aafcbfd44.dll
Size

6KB
MD5

5c4c5fb6309c36e17eed933299f2993d
SHA1

db7644a915c0b5c8ecb27bbb5661e4cf4f16de2d
SHA256

86e513547e1ef19f57bbec79924ac4f63231decbfefc76b188ecca3aafcbfd44
SHA512

b91c174e2806e6b614977a763056feecf7b09d05e9f0bfa6fecfcff048b6976819f19a9a1fb6cf52e1a252a32f7f62b02c22eefc420a11dd99ff29f8c5fe5620
SSDEEP

96:Ts1Wnnnynnnnnnnn6nnann7nnXnnbnnKniROm61Qy12wk:YXL61Qy121

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4560 wrote to memory of 3940	4560	rundll32.exe	82
PID 4560 wrote to memory of 3940	4560	rundll32.exe	82
PID 4560 wrote to memory of 3940	4560	rundll32.exe	82

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\86e513547e1ef19f57bbec79924ac4f63231decbfefc76b188ecca3aafcbfd44.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4560
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\86e513547e1ef19f57bbec79924ac4f63231decbfefc76b188ecca3aafcbfd44.dll,#1
  2⤵
  PID:3940