8f4d63fea00eca6d91147de6a10b7aae6069f164ef00d5986eff571249552dae

Analysis

max time kernel
120s
max time network
122s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
05-07-2024 23:21

Target

$_1_/ssleay32.dll
Size

337KB
MD5

5c268ca919854fc22d85f916d102ee7f
SHA1

0957cf86e0334673eb45945985b5c033b412be0e
SHA256

1f4b3efc919af1106f348662ee9ad95ab019058ff502e3d68e1b5f7abff91b56
SHA512

76d0abad1d7d0856ec1b8e598b05a2a6eece220ea39d74e7f6278a4219e22c75b7f618160ce41810daa57d5d4d534afd78f5cc1bd6de927dbb6a551aca2f8310
SSDEEP

6144:8EXfWSXFKIsrpivdM+kPsmWak8dfthPDP0wrE90k7DUT/NaDB7JlwScihgbX5/GU:8EXfWSVKIsrpivdM+msmWak8dfnPDPPz

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

Processes:

rundll32.exe

description	pid	process	target process
PID 2276 wrote to memory of 2096	2276	rundll32.exe	rundll32.exe
PID 2276 wrote to memory of 2096	2276	rundll32.exe	rundll32.exe
PID 2276 wrote to memory of 2096	2276	rundll32.exe	rundll32.exe
PID 2276 wrote to memory of 2096	2276	rundll32.exe	rundll32.exe
PID 2276 wrote to memory of 2096	2276	rundll32.exe	rundll32.exe
PID 2276 wrote to memory of 2096	2276	rundll32.exe	rundll32.exe
PID 2276 wrote to memory of 2096	2276	rundll32.exe	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$_1_\ssleay32.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2276
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\$_1_\ssleay32.dll,#1
  2⤵
  PID:2096