9fb75b7cdf2fc772c6c0f8af2ac91b007113f43fd79af9e78a48311f1859b2fb

Analysis

max time kernel
122s
max time network
126s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
29/06/2024, 00:50

Target

9fb75b7cdf2fc772c6c0f8af2ac91b007113f43fd79af9e78a48311f1859b2fb.dll
Size

139KB
MD5

6c360804af64fa399e4988f1c0607e14
SHA1

8f1562ffe76c406db07716847fc70d7053b07e21
SHA256

9fb75b7cdf2fc772c6c0f8af2ac91b007113f43fd79af9e78a48311f1859b2fb
SHA512

22810666a62c006ee1c1c33d663b1e247a586c8c1823b61f0b4f52f39067ec73ca861d8bd5e0642424a7b07bdc42d8a7a4cc13b1b33c702b94a7ef96d6e6db05
SSDEEP

3072:CeKpq57GJkNaNG81lg3k1Pn2cY2vHKP9oqmh:CefBGaQ+mnTKFoqq

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2232 wrote to memory of 1432	2232	rundll32.exe	28
PID 2232 wrote to memory of 1432	2232	rundll32.exe	28
PID 2232 wrote to memory of 1432	2232	rundll32.exe	28
PID 2232 wrote to memory of 1432	2232	rundll32.exe	28
PID 2232 wrote to memory of 1432	2232	rundll32.exe	28
PID 2232 wrote to memory of 1432	2232	rundll32.exe	28
PID 2232 wrote to memory of 1432	2232	rundll32.exe	28

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\9fb75b7cdf2fc772c6c0f8af2ac91b007113f43fd79af9e78a48311f1859b2fb.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2232
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\9fb75b7cdf2fc772c6c0f8af2ac91b007113f43fd79af9e78a48311f1859b2fb.dll,#1
  2⤵
  PID:1432

memory/1432-2-0x0000000010000000-0x0000000010024000-memory.dmp

Filesize
144KB

Download
memory/1432-3-0x0000000010000000-0x0000000010024000-memory.dmp

Filesize
144KB

Download
memory/1432-1-0x0000000010000000-0x0000000010024000-memory.dmp

Filesize
144KB

Download
memory/1432-0-0x0000000010000000-0x0000000010024000-memory.dmp

Filesize
144KB

Download