302d962ef6849bb89597b15ff5c0683d5c1fdbf1f3ac98649d7659236d28daae | Triage

Analysis

max time kernel
101s
max time network
117s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
12-07-2024 22:35

Sharing

Report Analysis Logs

General

Target

07d72371fe19d2c0a647a8783fc549a0N.dll
Size

3KB
MD5

07d72371fe19d2c0a647a8783fc549a0
SHA1

8f960ab8fd3d61be3230cb82af9e806c6dfc78f8
SHA256

302d962ef6849bb89597b15ff5c0683d5c1fdbf1f3ac98649d7659236d28daae
SHA512

0e2bedb6cb98c713caa07050c455e625df005584c951a52a077acd9bac92c25b935624080e1b9ed570478fe1c66c077853222651e066f0a8644e3a51f367d0d3

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2564 wrote to memory of 2540	2564	rundll32.exe	83
PID 2564 wrote to memory of 2540	2564	rundll32.exe	83
PID 2564 wrote to memory of 2540	2564	rundll32.exe	83

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\07d72371fe19d2c0a647a8783fc549a0N.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2564
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\07d72371fe19d2c0a647a8783fc549a0N.dll,#1
  2⤵
  PID:2540

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads