Analysis
max time kernel: 108s
max time network: 112s
platform: windows10_x64
resource: win10v20201028
submitted: 24-11-2020 15:20
Static task
static1
Behavioral task
behavioral1
Sample
nivude1.dll
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
nivude1.dll
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
Target: nivude1.dll
Size: 105KB
MD5: 3ab20b297e3b7fd853b7544c5ad3f142
SHA1: 37a2f9bdd672de1bfe7d55ac4b4c42ef9c63af83
SHA256: f25862e2ae2bc1af4a3117c22317abac677b278645135013cdd43e47868d536b
SHA512: 0a32cae98c84f22739dce64e3200201acfd6799c5c289e92449014daa172a996a3186bdb8329d950ca271257abb23b36bb0b30ffabeb4c419b215e071ae1bef7
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
Processes:
regsvr32.exe
description | pid | process | target process
PID 3988 wrote to memory of 864 | 3988 | regsvr32.exe | regsvr32.exe
PID 3988 wrote to memory of 864 | 3988 | regsvr32.exe | regsvr32.exe
PID 3988 wrote to memory of 864 | 3988 | regsvr32.exe | regsvr32.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
memory/864-0-0x0000000000000000-mapping.dmp