9f83690b4ba738a40f8993645d5d02d3fda46041bf93a97cbde487fe09e3bb86 | Triage

Resubmissions

09-08-2024 06:22

240809-g5c3zs1ejc 10

Analysis

max time kernel
1463s
max time network
1494s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
09-08-2024 06:22

Sharing

Report Analysis Logs

General

Target

ProtoInputUtilDynamic64.dll
Size

49KB
MD5

70c51f56fa48f8d24072bedb6356a3d5
SHA1

d9e19472d260f2b386b3e8f139b6d48ab0227590
SHA256

82c52bcf2e74913ffcd03ecc706c80fa16835790e4f01c0020e64dc7744c36ed
SHA512

35592d942f3f60f71a277a7b9baaf4b96139aacd5c1649fa8621f47ae8442ab5e2a3931b77f695bd0c9ef83845484e79744e979ccfdc45fc1e7ce9c0125f5adb
SSDEEP

768:44FmdomOnTHefwXBDmcYmZqBy/4KEHK94t8+T1jizgSU38KDlAP:jAdLu+oXdkBt86AKDl

Score

1^/10

Malware Config

Signatures

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

rundll32.exe

pid process

3108 rundll32.exe
Suspicious use of SendNotifyMessage 1 IoCs

Processes:

rundll32.exe

pid process

3108 rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\ProtoInputUtilDynamic64.dll,#1
1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:3108

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads