d68cbc37091a69aa4e512c93a61ee487922f672eefb40edb1d3574d51fad8b36 | Triage

Analysis

max time kernel
93s
max time network
106s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
15/07/2024, 10:35

Sharing

Report Analysis Logs

General

Target

c6433fa8aeeefb270fbbd8fde4a94580N.dll
Size

4KB
MD5

c6433fa8aeeefb270fbbd8fde4a94580
SHA1

6de3b50132ff4d20f8273df3f3c0290af2e43bf0
SHA256

d68cbc37091a69aa4e512c93a61ee487922f672eefb40edb1d3574d51fad8b36
SHA512

7f91488bd4ec04faa1b6ce301a4588ca82afb9e2922c1c2be715206afb730e41e5849dda8295cd56dde75fcb1fb61d03ff507508b00a36ab954a6c60cf1eb513

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1528 wrote to memory of 4412	1528	rundll32.exe	83
PID 1528 wrote to memory of 4412	1528	rundll32.exe	83
PID 1528 wrote to memory of 4412	1528	rundll32.exe	83

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\c6433fa8aeeefb270fbbd8fde4a94580N.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1528
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\c6433fa8aeeefb270fbbd8fde4a94580N.dll,#1
  2⤵
  PID:4412

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads