Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system -
submitted
03-07-2024 21:05
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
43d010dd90624a96edf3aff09a60cd6abcdb993ebb86283267333c214ed2c523.dll
Resource
win7-20240220-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
43d010dd90624a96edf3aff09a60cd6abcdb993ebb86283267333c214ed2c523.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
43d010dd90624a96edf3aff09a60cd6abcdb993ebb86283267333c214ed2c523.dll
-
Size
7KB
-
MD5
0e8dd0d7d248a530b8fd654601964253
-
SHA1
d240b4704795c84be49dc382836ceb21ba10dc7f
-
SHA256
43d010dd90624a96edf3aff09a60cd6abcdb993ebb86283267333c214ed2c523
-
SHA512
7fab4adde33282b33f652d9d3b17c8d140a92e3ff80720c3b073ef27e615fdafd18b7634dc26c974f20b4c14aee43125dc16ade79f9568947c397c603a70cde4
-
SSDEEP
96:wb4VHccYJUC/aFbz/j0OvaPtd3cX5aXW:wUaJf/aFbP0OK2JaX
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description                          pid   Process       procid_target
PID 2700 wrote to memory of 2228     2700  rundll32.exe  28
PID 2700 wrote to memory of 2228     2700  rundll32.exe  28
PID 2700 wrote to memory of 2228     2700  rundll32.exe  28
PID 2700 wrote to memory of 2228     2700  rundll32.exe  28
PID 2700 wrote to memory of 2228     2700  rundll32.exe  28
PID 2700 wrote to memory of 2228     2700  rundll32.exe  28
PID 2700 wrote to memory of 2228     2700  rundll32.exe  28
Processes
-
C:\Windows\system32\rundll32.exe rundll32.exe C:\Users\Admin\AppData\Local\Temp\43d010dd90624a96edf3aff09a60cd6abcdb993ebb86283267333c214ed2c523.dll,#11⤵
- Suspicious use of WriteProcessMemory
PID:2700 -
C:\Windows\SysWOW64\rundll32.exe rundll32.exe C:\Users\Admin\AppData\Local\Temp\43d010dd90624a96edf3aff09a60cd6abcdb993ebb86283267333c214ed2c523.dll,#12⤵ PID:2228
-