01ce406541ad8301523e415a187da19c4f254a90b9e18e02aea95de432792ba6

Analysis

max time kernel
97s
max time network
103s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
15/07/2024, 00:58

Target

51a279222ea55abed1a78cba857175a0N.dll
Size

2.2MB
MD5

51a279222ea55abed1a78cba857175a0
SHA1

14fe181a8519f288fa0365fd763a0cde6ae4d031
SHA256

01ce406541ad8301523e415a187da19c4f254a90b9e18e02aea95de432792ba6
SHA512

38511f85f9bce59990c7ed25a8f81659203bd510ff1402cf0ef855e342ada7e97d173b29cafc6a03814cc8491fc40160284bfc684579b605fc12a8a6ae40a9e2
SSDEEP

49152:5WCJfI760+dYUJUNlynyhKHIYchj7xevOdD7XZX2xx:YCl2+qc3yhzjevqD7Xx8x

Score

8^/10

Blocklisted process makes network request 1 IoCs

flow	pid	Process
32	4724	rundll32.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1552 wrote to memory of 4724	1552	rundll32.exe	83
PID 1552 wrote to memory of 4724	1552	rundll32.exe	83
PID 1552 wrote to memory of 4724	1552	rundll32.exe	83

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\51a279222ea55abed1a78cba857175a0N.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1552
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\51a279222ea55abed1a78cba857175a0N.dll,#1
  2⤵
  - Blocklisted process makes network request
  PID:4724

memory/4724-0-0x0000000010000000-0x0000000010226000-memory.dmp

Filesize
2.1MB

Download
memory/4724-2-0x00007FF972610000-0x00007FF972805000-memory.dmp

Filesize
2.0MB

Download
memory/4724-3-0x00000000030C0000-0x00000000031CE000-memory.dmp

Filesize
1.1MB

Download
memory/4724-4-0x0000000010000000-0x0000000010226000-memory.dmp

Filesize
2.1MB

Download
memory/4724-8-0x00000000031D0000-0x00000000032C5000-memory.dmp

Filesize
980KB

Download
memory/4724-5-0x00000000031D0000-0x00000000032C5000-memory.dmp

Filesize
980KB

Download
memory/4724-14-0x00000000031D0000-0x00000000032C5000-memory.dmp

Filesize
980KB

Download
memory/4724-15-0x00000000032D0000-0x0000000003C4C000-memory.dmp

Filesize
9.5MB

Download
memory/4724-16-0x0000000003C50000-0x0000000003D33000-memory.dmp

Filesize
908KB

Download
memory/4724-18-0x0000000003D40000-0x0000000003E27000-memory.dmp

Filesize
924KB

Download
memory/4724-17-0x0000000003D40000-0x0000000003E27000-memory.dmp

Filesize
924KB

Download
memory/4724-20-0x0000000003D40000-0x0000000003E27000-memory.dmp

Filesize
924KB

Download
memory/4724-21-0x0000000000F20000-0x0000000000F22000-memory.dmp

Filesize
8KB

Download
memory/4724-22-0x0000000000F30000-0x0000000000F34000-memory.dmp

Filesize
16KB

Download
memory/4724-28-0x00007FF972610000-0x00007FF972805000-memory.dmp

Filesize
2.0MB

Download