bbfede576c9e83d1299335f3b8fe2cffc728e31ec2964f6dbf74fafeacde29ef

Analysis

max time kernel
117s
max time network
120s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
06/09/2024, 09:24

Target

bbfede576c9e83d1299335f3b8fe2cffc728e31ec2964f6dbf74fafeacde29ef.dll
Size

3.5MB
MD5

61fd7260038a98ff193b5a7325bf2aa5
SHA1

1d45108d4ea802ea67915440ba2aa57f6d4af440
SHA256

bbfede576c9e83d1299335f3b8fe2cffc728e31ec2964f6dbf74fafeacde29ef
SHA512

7bd97db32b5f684e8e684f39b355ae3d8bdbfe0c062b83408f5f8e877d97dfbd5f4bda9ad94c0a8cb88f8f4de19f8e5cc012a0451f69ac1c17188034e4eb0455
SSDEEP

49152:1m9HeH4FtP460/Igc9F3eKozoBkwAYwlNUdh12MZXHBSn+YmW4O3m7cjmMQTC+z6:8QKotcTlBk9YwzEhPbYzjmMtccXk8K2

Score

1^/10

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1660	rundll32.exe
1660	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\bbfede576c9e83d1299335f3b8fe2cffc728e31ec2964f6dbf74fafeacde29ef.dll,#1
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:1660

memory/1660-10-0x0000000077B11000-0x0000000077B12000-memory.dmp

Filesize
4KB

Download
memory/1660-9-0x000007FEF5BE0000-0x000007FEF6188000-memory.dmp

Filesize
5.7MB

Download
memory/1660-6-0x000007FEF5BE0000-0x000007FEF6188000-memory.dmp

Filesize
5.7MB

Download
memory/1660-5-0x0000000077C70000-0x0000000077C72000-memory.dmp

Filesize
8KB

Download
memory/1660-3-0x0000000077C70000-0x0000000077C72000-memory.dmp

Filesize
8KB

Download
memory/1660-1-0x0000000077C70000-0x0000000077C72000-memory.dmp

Filesize
8KB

Download
memory/1660-0-0x000007FEF5C03000-0x000007FEF5E02000-memory.dmp

Filesize
2.0MB

Download