df2e67bd679cf82dc76c24dd69cb5dafa60310e2bd7836e2d033f39af98a8756 | Triage

Analysis

max time kernel
93s
max time network
94s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
16/07/2024, 02:43

Sharing

Report Analysis Logs

General

Target

54783c2b947174b51d60442c9e60e7e0N.dll
Size

1.6MB
MD5

54783c2b947174b51d60442c9e60e7e0
SHA1

1cc3729ac78e89e1e7eb95511e2e374718c8e760
SHA256

df2e67bd679cf82dc76c24dd69cb5dafa60310e2bd7836e2d033f39af98a8756
SHA512

7f24eb4122770f3e5096908ce366cc0d1a9895b865d26a539aa2f1ad6ed1fe889164d8b7521a225a62bd28927e881adf03848bcf59eba1a5b788699b8ea0b7da
SSDEEP

12288:dQGrG4W2mLWu06UEPZZ5z39jjyaolVZ13:dF1m7UExIaovZp

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2628 wrote to memory of 4736	2628	rundll32.exe	83
PID 2628 wrote to memory of 4736	2628	rundll32.exe	83
PID 2628 wrote to memory of 4736	2628	rundll32.exe	83

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\54783c2b947174b51d60442c9e60e7e0N.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2628
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\54783c2b947174b51d60442c9e60e7e0N.dll,#1
  2⤵
  PID:4736

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads