6b7eabbd7b7021ed4c245099324f8091859ddc4c4a92a604447bbc34ea54c0bd | Triage

Analysis

max time kernel
94s
max time network
100s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
12/07/2024, 07:42

Sharing

Report Analysis Logs

General

Target

opengl32.dll
Size

76KB
MD5

7052a9f82aa52f1a2e238185bab7e019
SHA1

4b4f69060faa54fd1a285d67aa64a3f03849348a
SHA256

cdffd2ddc20ec43296c371f116fd061375fc28e5ea9707d764c7268ea14c0158
SHA512

d29e1b4548adb5fd60eb69d916dd2447b47e8dea42dc446df70d817682afcc186fefa584f9e885ddafe4549507c1e44a9b5afa70bfb7be5a026dcef4a54260f3
SSDEEP

1536:saa2KBdlQLv3Pj76OIbUe91y5BnJAGVbY/VaivTiTijaY6N2:T4M359JAGVM/Va6OWwN

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 5060 wrote to memory of 2032	5060	rundll32.exe	83
PID 5060 wrote to memory of 2032	5060	rundll32.exe	83
PID 5060 wrote to memory of 2032	5060	rundll32.exe	83

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\opengl32.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:5060
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\opengl32.dll,#1
  2⤵
  PID:2032

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads