Analysis
-
max time kernel
94s -
max time network
95s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
03/10/2024, 08:37
General
-
Target
4321c6ef16529a606cca32fcaeb8b570e1510091be835289267d14582ecb2550N.dll
-
Size
7KB
-
MD5
4f5bc6a2d24c48b5091c978d599d5e90
-
SHA1
26ce98ecdb4f85c9c0d46d2bf494de0be341dace
-
SHA256
4321c6ef16529a606cca32fcaeb8b570e1510091be835289267d14582ecb2550
-
SHA512
cb65daeb0a98249b217b14fca65e9973e2c61c12c50b87838c17a911692510f55eb5b56329823e7db4b993957f6be9e76eb997412726c0a4b036c0cb550dd381
-
SSDEEP
96:DixZjmjtjd8jPjcZGR5TIGmcsJSzjdj4/GdUmIkcWiWetJCK+fOWVj:unSR6bgYHKSBB+mRcWiWetJ9+fOWVj
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\4321c6ef16529a606cca32fcaeb8b570e1510091be835289267d14582ecb2550N.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\4321c6ef16529a606cca32fcaeb8b570e1510091be835289267d14582ecb2550N.dll,#12⤵
- System Location Discovery: System Language Discovery
-