28bb09aa9c53b5af3f0846c3c1f8e3c6b60918504ef74a678b89ffbd3bc1a9b0

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240910-en
resource tags

arch:x64arch:x86image:win10v2004-20240910-enlocale:en-usos:windows10-2004-x64system
submitted
03-10-2024 08:14

Target

28bb09aa9c53b5af3f0846c3c1f8e3c6b60918504ef74a678b89ffbd3bc1a9b0.dll
Size

3.5MB
MD5

bbda1e7d5a28dfac6f028aaee8ca5579
SHA1

27fb9fcc6ef076dbf7dd224a257efa4257343dc4
SHA256

28bb09aa9c53b5af3f0846c3c1f8e3c6b60918504ef74a678b89ffbd3bc1a9b0
SHA512

f5baeb4f29664b8177e8a1c85842902c64b2ff3987ecf4ab43b2717365c6eb41b17b62b3f71b14031cdfaaec262b4e40f5d853b36ab319a19722d75e0c8e16e2
SSDEEP

49152:WwApIj2UwOmhJfOkNqZbPxrH4jP/A7+Lc37acfmWd/5gPzpuOEeMzj+TALICmwdf:Wrmj3EA6qNJ7F7yTWnRYEeMzj7BxMxk

Score

1^/10

Suspicious behavior: EnumeratesProcesses 4 IoCs

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\28bb09aa9c53b5af3f0846c3c1f8e3c6b60918504ef74a678b89ffbd3bc1a9b0.dll,#1
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:964

memory/964-0-0x00007FF8291B3000-0x00007FF8293AF000-memory.dmp

Filesize
2.0MB

Download
memory/964-2-0x00007FF829190000-0x00007FF82972D000-memory.dmp

Filesize
5.6MB

Download
memory/964-1-0x00007FF838230000-0x00007FF838232000-memory.dmp

Filesize
8KB

Download
memory/964-5-0x00007FF829190000-0x00007FF82972D000-memory.dmp

Filesize
5.6MB

Download
memory/964-6-0x00007FF829190000-0x00007FF82972D000-memory.dmp

Filesize
5.6MB

Download
memory/964-7-0x00007FF829190000-0x00007FF82972D000-memory.dmp

Filesize
5.6MB

Download