159bd973bae27b814a3e532b2ffe7d3960b96c1f739a2967c7ce8f77c6954521

Analysis

max time kernel
94s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
26-12-2024 13:50

Target

plugu v1 fixed.dll
Size

8.5MB
MD5

99492d91112af8d998d0861aab3acabb
SHA1

ea514ae666eebf3dd02337cd55531c36407bbf18
SHA256

f2ecabc649b7db40d38a85bbdb8e4491adb613d242bbda3be3677975820d7268
SHA512

fb2a530a0cb47ca7cd814ed7b9887f4232458b918ef99a27238b54ad1ba91ea8f37fcb4c2318bf769aa5f5d22b796f6993bd6203c187969222b1d03a4282a296
SSDEEP

49152:I03qQXG9X3tDkajE3OtgaNBsp5xYeRY+yvBbixY+6hOEuJgh/6RgjbwimjnE47/H:Qb98pshUih/nbwcgKRlRT7qFx15jXzH

Score

1^/10

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4144	rundll32.exe
4144	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\plugu v1 fixed.dll",#1
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:4144

memory/4144-1-0x00000290082C0000-0x0000029008B21000-memory.dmp

Filesize
8.4MB

Download
memory/4144-0-0x00000290082C0000-0x0000029008B21000-memory.dmp

Filesize
8.4MB

Download
memory/4144-3-0x00000290082C0000-0x0000029008B21000-memory.dmp

Filesize
8.4MB

Download
memory/4144-5-0x00000290082C0000-0x0000029008B21000-memory.dmp

Filesize
8.4MB

Download