pzOEfyaZPW1OyO690Z19HEU7.dll| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6401 | March 8, 2023, 1:59 p.m. | March 8, 2023, 2 p.m. |
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,AJnzwdBqMvQICBAjnC
2560-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,AJnzwdBqMvQICBAjnC
3064
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,APQGYdJtrkXhXkwzKFBCTvI
2644-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,APQGYdJtrkXhXkwzKFBCTvI
3056
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,AQuPFhYruxzxA
2736-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,AQuPFhYruxzxA
2064
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,AbBwdZitlWefdERaOavJlIen
2824-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,AbBwdZitlWefdERaOavJlIen
2264
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,AbPYWiwTVDHFpfYBJn
2920-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,AbPYWiwTVDHFpfYBJn
2556
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,AfvxTJEA
3008-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,AfvxTJEA
2616
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,AvxJWNrnX
1264-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,AvxJWNrnX
2716
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,BUERlq
2428-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,BUERlq
3004
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,Bqptqdk
2728-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,Bqptqdk
3044
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,BslfqQGNXqTuUepvauCkQ
2952-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,BslfqQGNXqTuUepvauCkQ
2444
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,CNsPbULXjYvkd
2508-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,CNsPbULXjYvkd
2436
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,CXSfiCTm
2864-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,CXSfiCTm
2820
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,CfdextKrifuW
1484-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,CfdextKrifuW
2792
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,CfsWcZWQVlifNwBDgGRZIqif
2564-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,CfsWcZWQVlifNwBDgGRZIqif
2740
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,ClqIyzBkLjDFLJ
320-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,ClqIyzBkLjDFLJ
2228
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,CgdlGBNRFRzTzmfguqz
2524-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,CgdlGBNRFRzTzmfguqz
2320
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,DCLGmuYl
2532-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,DCLGmuYl
2980
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,DEaqEFNRtMCaaVnaAUQtMbKum
2828-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,DEaqEFNRtMCaaVnaAUQtMbKum
2220
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,DCQZVUAVgMiARD
2124-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,DCQZVUAVgMiARD
2592
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,DIXpgfZZxsBhi
2180-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,DIXpgfZZxsBhi
3224
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,DJFaUyIipeGIfwlkpX
3076-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,DJFaUyIipeGIfwlkpX
3260
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,DVPdiFeTcDmXs
3176-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,DVPdiFeTcDmXs
3336
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,DhYIKjxmGGYY
3404-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,DhYIKjxmGGYY
3492
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,DiwnEUvduBkM
3552-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,DiwnEUvduBkM
3932
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,DllRegisterServer
3648-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,DllRegisterServer
4048-
regsvr32.exe C:\Windows\system32\regsvr32.exe "C:\Windows\system32\JXHRMZvSx\tbvybWhUshyYeHmM.dll"
5028
-
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,DrgYCMNiVbrUGwRTpRdvxI
3736-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,DrgYCMNiVbrUGwRTpRdvxI
3136
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,EEjaFHKntpLIhbdTrDK
3828-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,EEjaFHKntpLIhbdTrDK
3104
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,EdTDhMMiYAFBShyYKs
3924-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,EdTDhMMiYAFBShyYKs
3356
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,EkMGlO
4080-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,EkMGlO
2104
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,EnsJjCOccyCjAVZkRnVMDMVZ
2960-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,EnsJjCOccyCjAVZkRnVMDMVZ
3544
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,EpwzPNUZHdojuinzfIpfYQ
3516-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,EpwzPNUZHdojuinzfIpfYQ
3748
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,EyuImeQbPHMFKzOFVqc
3716-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,EyuImeQbPHMFKzOFVqc
3364
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,FJAVswpuwGKsMXPsiiQRYv
3952-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,FJAVswpuwGKsMXPsiiQRYv
3380
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,FOWbUDfELrAQAEKqJf
4076-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,FOWbUDfELrAQAEKqJf
3572
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,FQLPnQNLD
3284-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,FQLPnQNLD
3668
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,FWSKyRQMOuWSm
3816-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,FWSKyRQMOuWSm
3192
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,FQbFKHXX
3112-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,FQbFKHXX
3836
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,FWVdsLrtEVBzLaCmZNEpx
3096-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,FWVdsLrtEVBzLaCmZNEpx
3340
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,FeGqog
3084-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,FeGqog
3464
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,FkcAXdH
3892-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,FkcAXdH
3628
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,FqDNSXzugPznspUD
3388-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,FqDNSXzugPznspUD
3972
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,GQAlasmiaEy
3592-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,GQAlasmiaEy
3436
-
-
explorer.exe C:\Windows\Explorer.EXE
1452 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,GQjtxdyXvtsqdfVrQBqm
3720-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,GQjtxdyXvtsqdfVrQBqm
3884
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,GdiMTODVmsR
3920-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,GdiMTODVmsR
3400
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,GxxJJdRIqTBJAMnBIcxq
3908-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,GxxJJdRIqTBJAMnBIcxq
4208
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,HOnlfLBWkQCooC
4156-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,HOnlfLBWkQCooC
4400
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,HWTqOVHRABB
4288-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,HWTqOVHRABB
4428
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,IOMcKFaJXihdqDAogVN
4392-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,IOMcKFaJXihdqDAogVN
4620
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,IpoojIRy
4564-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,IpoojIRy
4776
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,IvvQFcaABzyyLhduvbY
4700-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,IvvQFcaABzyyLhduvbY
4812
-
-
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,JFrkuFzJMrWvkaYOQlJ
4852 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,JUBJYfmZGotuEKSafNPlGEAMy
4972 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,JheZxhw
5108 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,JkoaHQBWgZLoeIqdRFVkMlq
4284 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,JlscSxwnKrxRmaJ
4440 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,JpqPCRXJWOy
4552 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,JvcfiztFAuNa
4740 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,KStKTzwWJbprlqO
4292 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,KWLauUGkNHofayeYLCFSpOfuXl
5012 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,KYEVLHhbRMHw
3508 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,KZwwxlBTSHOg
4200 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,KnTTKeu
4212 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,KrldazbljxeAJoh
4680 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,KvQcPVBCIwQMISVMmy
4560 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,KwTVqLAsKCaCz
4148 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,KyLhcvzfifBtOE
828 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,KzpAtJXTRJRN
4684 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,LDldVNlhAieNMMtCa
4876 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,LXxoKBfNdArZYQncLEi
1304 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,LbGmmSnPyxEOeYshUChQLjrUg
4380 -
rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Local\Temp\pzOEfyaZPW1OyO690Z19HEU7.dll,LjYfYsPmJSQelB
4612
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| No hosts contacted. | ||
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| section | .rodata |
| resource name | KKSXQOO |
| cmdline | C:\Windows\system32\regsvr32.exe "C:\Windows\system32\JXHRMZvSx\tbvybWhUshyYeHmM.dll" |
| section | {u'size_of_data': u'0x0002be00', u'virtual_address': u'0x00086000', u'entropy': 7.834631838647657, u'name': u'.rsrc', u'virtual_size': u'0x0002be00'} | entropy | 7.83463183865 | description | A section with a high entropy has been found | |||||||||
| entropy | 0.285598047193 | description | Overall entropy of this PE file is high | |||||||||||
| process | regsvr32.exe |
| process | rundll32.exe |
| file | C:\Windows\System32\JXHRMZvSx\tbvybWhUshyYeHmM.dll:Zone.Identifier |
| Elastic | malicious (moderate confidence) |
| Cynet | Malicious (score: 100) |
| Sangfor | Spyware.Win64.Emotet.V0ir |
| CrowdStrike | win/malicious_confidence_100% (W) |
| Symantec | ML.Attribute.HighConfidence |
| ESET-NOD32 | Win64/Emotet.AH |
| Kaspersky | UDS:Trojan-Banker.Win64.Emotet.cmsv |
| BitDefender | Trojan.GenericKD.65828879 |
| MicroWorld-eScan | Trojan.GenericKD.65828879 |
| Rising | Trojan.Emotet!8.B95 (CLOUD) |
| TrendMicro | TrojanSpy.Win64.EMOTET.YXDCGZ |
| McAfee-GW-Edition | BehavesLike.Win64.Infected.jh |
| FireEye | Trojan.GenericKD.65828879 |
| GData | Win32.Trojan-Spy.Emotet.KKA17T |
| Webroot | W32.Trojan.Emotet |
| MAX | malware (ai score=85) |
| Gridinsoft | Malware.Win64.Emotet.bot |
| Microsoft | Trojan:Win64/Emotet.AL!MTB |
| McAfee | Artemis!FE1097B9754D |
| TrendMicro-HouseCall | TrojanSpy.Win64.EMOTET.YXDCGZ |
| Ikarus | Trojan-Spy.Emotet |
| MaxSecure | Trojan.Malware.300983.susgen |