Analysis
-
max time kernel
1s -
max time network
127s -
platform
windows10_x64 -
resource
win10v20201028 -
submitted
09-11-2020 20:04
Static task
static1
Behavioral task
behavioral1
Sample
frraw7.dll
Resource
win7v20201028
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
frraw7.dll
Resource
win10v20201028
0 signatures
0 seconds
General
-
Target
frraw7.dll
-
Size
874KB
-
MD5
35d1ffad54d3d7129938762b47509b23
-
SHA1
18e9626cce1bd753de6d3136b9c300aec9ebb210
-
SHA256
58feb0e5a795cf5f8ab9f7478b4f26ce936be728e4fa89fa3408f05049d90f2a
-
SHA512
9ae4dc177120dd3efa08f12b94cf1349b55caa705ee4bfb8e3600ecd05dbf2e07b658abd7d36cdd076fe2068c5f9df1715a3cc4c960a9e93456b3a9fb1aa441e
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
regsvr32.exedescription pid process target process PID 3408 wrote to memory of 856 3408 regsvr32.exe regsvr32.exe PID 3408 wrote to memory of 856 3408 regsvr32.exe regsvr32.exe PID 3408 wrote to memory of 856 3408 regsvr32.exe regsvr32.exe