Analysis
max time kernel: 2s
max time network: 8s
platform: windows7_x64
resource: win7v20201028
submitted: 26-02-2021 10:58
Static task: static1
Behavioral task: behavioral1
Sample: mon80.dll
Resource: win7v20201028, windows7_x64
0 signatures
0 seconds
General
Target: mon80.dll
Size: 468KB
MD5: 3cee87ebc7068a187eb004eb95f98bcd
SHA1: 80621efcaaf5ed4c1fce32add111aa532f6b4efe
SHA256: 73549c17c4437c811e33b8dc51694b8d4f0f78f0ddf4019b3158b904a2d2b94d
SHA512: 853ceb8eba3786766bb3ec46469727ed6d22b7929d73d52dbe18c9c85b79c08cd1d24977d3c0334ccf19d0d6ccd4d95217db1069e199350ae79fdff8c2d4c17a
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
Processes: regsvr32.exe
description | pid | process | target process
PID 296 wrote to memory of 2000 | 296 | regsvr32.exe | regsvr32.exe
PID 296 wrote to memory of 2000 | 296 | regsvr32.exe | regsvr32.exe
PID 296 wrote to memory of 2000 | 296 | regsvr32.exe | regsvr32.exe
PID 296 wrote to memory of 2000 | 296 | regsvr32.exe | regsvr32.exe
PID 296 wrote to memory of 2000 | 296 | regsvr32.exe | regsvr32.exe
PID 296 wrote to memory of 2000 | 296 | regsvr32.exe | regsvr32.exe
PID 296 wrote to memory of 2000 | 296 | regsvr32.exe | regsvr32.exe