2706b4cdfca5797ae83267378858a7ed1585751e6ccc947b6c40b9b470bbf60c

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
05/07/2024, 19:52

Target

2706b4cdfca5797ae83267378858a7ed1585751e6ccc947b6c40b9b470bbf60c.dll
Size

6KB
MD5

4e4ac2f2d46b0cf34e4b574687146b88
SHA1

c9868d508ce6f439554718a3195e1a6ed50336a7
SHA256

2706b4cdfca5797ae83267378858a7ed1585751e6ccc947b6c40b9b470bbf60c
SHA512

7d803b2dd6758a5d96173ec08d0e86845238f2cd456c2f891c6895905f4c2195379dee6872b36eb5e80501ab0e30b5aa5fe541f05122e5e3499895f536390867
SSDEEP

48:6EQt5YVOSVVEPy+wEMmqiHNpU10y3B+BDq9J5SV3DY:CSVVEPozmB7yB+FqX5S1D

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2748 wrote to memory of 2760	2748	rundll32.exe	30
PID 2748 wrote to memory of 2760	2748	rundll32.exe	30
PID 2748 wrote to memory of 2760	2748	rundll32.exe	30
PID 2748 wrote to memory of 2760	2748	rundll32.exe	30
PID 2748 wrote to memory of 2760	2748	rundll32.exe	30
PID 2748 wrote to memory of 2760	2748	rundll32.exe	30
PID 2748 wrote to memory of 2760	2748	rundll32.exe	30

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\2706b4cdfca5797ae83267378858a7ed1585751e6ccc947b6c40b9b470bbf60c.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2748
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\2706b4cdfca5797ae83267378858a7ed1585751e6ccc947b6c40b9b470bbf60c.dll,#1
  2⤵
  PID:2760