Analysis

  • max time kernel
    95s
  • max time network
    123s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240709-en locale:en-us os:windows10-2004-x64 system
  • submitted
    09/07/2024, 21:37

General

  • Target

    42f8ff888b88b0fc0468fb07b50a2b009f1ad5bddd9221df6a1936d5db3a9bf9.dll

  • Size

    23KB

  • MD5

    9e956079eba9b484b8256ca19ee1f6d6

  • SHA1

    53d78a3771fd2547151b6e629adac06349fbe54e

  • SHA256

    42f8ff888b88b0fc0468fb07b50a2b009f1ad5bddd9221df6a1936d5db3a9bf9

  • SHA512

    3297b77d4b6c4a6d362ceb8c6ac9f4cb3183d19f319995d0e930108b38c2fdb44c58ff39628c0cff7a7f9e890cffa0cf6c14e48c7b17fa4d7df86650cd65a044

  • SSDEEP

    384:ySfM5KdwXslqosF3S08DklrgpSi2bprTW1xEpXonhd68w4L13R6nE7GSWqLMnDyb:DfXdwXslqosF3S3ugpYrTW1xEpXonhQK

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\42f8ff888b88b0fc0468fb07b50a2b009f1ad5bddd9221df6a1936d5db3a9bf9.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:460
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\42f8ff888b88b0fc0468fb07b50a2b009f1ad5bddd9221df6a1936d5db3a9bf9.dll,#1
      2⤵
        PID:3656

    Network

          MITRE ATT&CK Matrix
