5ccaff60c6df8af62b0404009a7ad44418acb7b8a7264cb2b930cf4d0a67b809

Analysis

max time kernel
122s
max time network
127s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
12/08/2024, 10:25

Target

5ccaff60c6df8af62b0404009a7ad44418acb7b8a7264cb2b930cf4d0a67b809.dll
Size

3.6MB
MD5

e416d80d356dd224ea7d8a478d54b7de
SHA1

0edf02f09c2c1b0f486042a42791539bba0c46d7
SHA256

5ccaff60c6df8af62b0404009a7ad44418acb7b8a7264cb2b930cf4d0a67b809
SHA512

a0a5a1a8615d303e283602e767f0b88ba140ee5ecfd64872a590b204be16cf34694108fa37ee8af9c4897aa800f5534d3de9be44a17821439f4944659222655e
SSDEEP

98304:jRSamULwsOM/WLPyTdPS9hKqp2OW2QvglZY:jRlmU3TOL+qKtvGm

Score

1^/10

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2292	rundll32.exe
2292	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\5ccaff60c6df8af62b0404009a7ad44418acb7b8a7264cb2b930cf4d0a67b809.dll,#1
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:2292

memory/2292-0-0x000007FEF5863000-0x000007FEF5A6B000-memory.dmp

Filesize
2.0MB

Download
memory/2292-3-0x00000000776A0000-0x00000000776A2000-memory.dmp

Filesize
8KB

Download
memory/2292-1-0x00000000776A0000-0x00000000776A2000-memory.dmp

Filesize
8KB

Download
memory/2292-5-0x00000000776A0000-0x00000000776A2000-memory.dmp

Filesize
8KB

Download
memory/2292-6-0x000007FEF5840000-0x000007FEF5E03000-memory.dmp

Filesize
5.8MB

Download
memory/2292-9-0x000007FEF5840000-0x000007FEF5E03000-memory.dmp

Filesize
5.8MB

Download