bca0281a6295c140c0e05b082f43915a631f7b2925501bfe1619d6b234b5049e | Triage

Analysis

max time kernel
109s
max time network
121s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
19-07-2024 11:54

Sharing

Report Analysis Logs

General

Target

8fa60d06d80f37da7fb8999873484280N.dll
Size

3KB
MD5

8fa60d06d80f37da7fb8999873484280
SHA1

e5988f876fcad3a83739254e87275ee994e050a7
SHA256

bca0281a6295c140c0e05b082f43915a631f7b2925501bfe1619d6b234b5049e
SHA512

06b498f159be34dfe690c4a2d4cf180b76a59d7c9f7b296563225a07f24e3c85653fd4e808a7e71ca6574fecb08236f69abf6110565952e073f4856fa20704b6

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1608 wrote to memory of 1892	1608	rundll32.exe	84
PID 1608 wrote to memory of 1892	1608	rundll32.exe	84
PID 1608 wrote to memory of 1892	1608	rundll32.exe	84

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\8fa60d06d80f37da7fb8999873484280N.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1608
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\8fa60d06d80f37da7fb8999873484280N.dll,#1
  2⤵
  PID:1892

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads