Analysis

  • max time kernel
    93s
  • max time network
    96s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    22-06-2024 13:00

General

  • Target

    cab.dll

  • Size

    96KB

  • MD5

    ef00391fe18522261e6dd092339ea205

  • SHA1

    a44e65a1370c87a7d5ce2ad26ede5ba071e38449

  • SHA256

    798992dd965844d4f661c044bb74b0ce94cff156c0f2734b4f629f44a066ceaa

  • SHA512

    7280c00479ec7f3c46a307cd151e1db8f0d40e724c82e7753888c2b8ffb792a9764512ed985b044452c6ac3d675f92d0f466c912d8b221f379054eb1a194dfd4

  • SSDEEP

    1536:OvbUJatUR7o4NzzcDCt36bL3DlKl38NwF+nwqfXyCwSD+whWTRWlLC:OD4R7o4cDCt6zwlsFw6kSxk8lLC

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\cab.dll,#1
    • Suspicious use of WriteProcessMemory
    PID:4288
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\cab.dll,#1
        PID:2700

    Network

    MITRE ATT&CK Matrix
