b3b8baae3ca6b7d301d5bcd45859c6f00eef17bdd8b2ef1d7571b85d83fef4e4

Analysis

max time kernel
139s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
19-07-2024 11:46

Target

Wopti.v7.91.Build.9.115.By.MyCrack/Woptiglobe.dll
Size

107KB
MD5

7516165cda4b3401f6b97e652aaef8d1
SHA1

58bc4b29df91b697118a22438016cfadbff44036
SHA256

6541d1e0c1982389cb45145f09f6e2433c76eaa88d3358300a6ed26abf442761
SHA512

8ee02ef683708d98eb2df2f03a8adc8f985078f48ac6ae11f9dfc5a6efb35bac7304a7e6d023a97e5129af6ac7ed66b706cfa7166acdaddfd05d742c20240dfd
SSDEEP

3072:iZOup54zfpVSkNeXM6aWv/pQpHBQdSxg0AlNtyZ9f51BXuM+rTVLh:wpIDSkNeXfvRyZ9fV+N

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2272 wrote to memory of 3168	2272	rundll32.exe	86
PID 2272 wrote to memory of 3168	2272	rundll32.exe	86
PID 2272 wrote to memory of 3168	2272	rundll32.exe	86

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Wopti.v7.91.Build.9.115.By.MyCrack\Woptiglobe.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2272
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\Wopti.v7.91.Build.9.115.By.MyCrack\Woptiglobe.dll,#1
  2⤵
  PID:3168