1d8be5c611520270cca29c5b96ad2302cd699317e6c061b024fb97dea6428b2b | Triage

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
22/07/2024, 01:51

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

4236bc43a018e0a153f73b413dba9440N.dll
Size

5KB
MD5

4236bc43a018e0a153f73b413dba9440
SHA1

5b114f24af52a4a35ca6cae5afeaf3122c5fae5b
SHA256

1d8be5c611520270cca29c5b96ad2302cd699317e6c061b024fb97dea6428b2b
SHA512

fef6c6bc14738c2c89b2a142ce8eaf77587716d70f44c360183a8ca49e2ac78cb93746057ff94c569b3e969007af84cfc84ed5f90250724ec916620da704deb7
SSDEEP

96:nEY2RrF1eqwi4CP2kfpimXqrFj1K+MFWwd0PtFLmZ:EHRh1eppafjXqr9wiPtF8

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2144 wrote to memory of 2388	2144	rundll32.exe	30
PID 2144 wrote to memory of 2388	2144	rundll32.exe	30
PID 2144 wrote to memory of 2388	2144	rundll32.exe	30
PID 2144 wrote to memory of 2388	2144	rundll32.exe	30
PID 2144 wrote to memory of 2388	2144	rundll32.exe	30
PID 2144 wrote to memory of 2388	2144	rundll32.exe	30
PID 2144 wrote to memory of 2388	2144	rundll32.exe	30

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\4236bc43a018e0a153f73b413dba9440N.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2144
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\4236bc43a018e0a153f73b413dba9440N.dll,#1
  2⤵
  PID:2388

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads