8c4465546c059cffbbc5cc499b6624a4b00e2a0a603edcc522c3470333ca26d5 | Triage

Analysis

max time kernel
103s
max time network
105s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
20-07-2024 01:57

Sharing

Report Analysis Logs

General

Target

374ff0802def7cbd1fb2973b7559fe00N.dll
Size

6KB
MD5

374ff0802def7cbd1fb2973b7559fe00
SHA1

f97d8130629460b7f662465bf2a3e62d8526ee96
SHA256

8c4465546c059cffbbc5cc499b6624a4b00e2a0a603edcc522c3470333ca26d5
SHA512

5a4098d979f7b8e36e6260a2218dd846070b6fb45a2456dd19ed9fe528c5094dc8cb6b246ea431a37335657c0eec9901e329fc3ee8d4deb86350365d6b615b43
SSDEEP

48:6AA35YVOQDV8FszwydlAYsLFV3G0eB+BDq9J5S2:0QDV8FscMjsLFV3WB+FqX5S2

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4588 wrote to memory of 3308	4588	rundll32.exe	86
PID 4588 wrote to memory of 3308	4588	rundll32.exe	86
PID 4588 wrote to memory of 3308	4588	rundll32.exe	86

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\374ff0802def7cbd1fb2973b7559fe00N.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:4588
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\374ff0802def7cbd1fb2973b7559fe00N.dll,#1
  2⤵
  PID:3308

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads