dec2bb599594a68fae3511550ef931894a76c27c56cb24310cb2aa101b3339f8

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
09/08/2024, 10:52

Target

dec2bb599594a68fae3511550ef931894a76c27c56cb24310cb2aa101b3339f8.dll
Size

4.6MB
MD5

fc016fa05baf3fcef43fce03687029cf
SHA1

31ba7c8ea747792f946d40aa226324ef94f03731
SHA256

dec2bb599594a68fae3511550ef931894a76c27c56cb24310cb2aa101b3339f8
SHA512

fcb5d90f066262fc740b861a0c609262eedcf9995702d7f9d6512c9f2e2d3f1e83053a25c17dd7bb27f3c135c13fa8f26e65a58a599f40dce0e4ded35def62ab
SSDEEP

49152:x1D5B2CxtODjjbXhA8fIADCF4ZHw4AI9doj8eaBTutBXSe76iZMxpJjCQs/5uIc3:x11BvxtCA8wADA4AIvEapQCAcQQlInA3

Score

1^/10

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2160	rundll32.exe
2160	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\dec2bb599594a68fae3511550ef931894a76c27c56cb24310cb2aa101b3339f8.dll,#1
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:2160

memory/2160-4-0x0000000077C10000-0x0000000077C12000-memory.dmp

Filesize
8KB

Download
memory/2160-2-0x0000000077C10000-0x0000000077C12000-memory.dmp

Filesize
8KB

Download
memory/2160-0-0x0000000077C10000-0x0000000077C12000-memory.dmp

Filesize
8KB

Download
memory/2160-5-0x000007FEF5E40000-0x000007FEF63F4000-memory.dmp

Filesize
5.7MB

Download
memory/2160-8-0x000007FEF5E63000-0x000007FEF6066000-memory.dmp

Filesize
2.0MB

Download
memory/2160-9-0x000007FEF5E40000-0x000007FEF63F4000-memory.dmp

Filesize
5.7MB

Download