Analysis
max time kernel
4s
max time network
12s
platform
windows7_x64
resource
win7v20201028
submitted
27-02-2021 07:02
Static task
static1
Behavioral task
behavioral1
Sample
b01f4d6e58860cbfbad674024ae98af0.dll
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
General
Target
b01f4d6e58860cbfbad674024ae98af0.dll
Size
469KB
MD5
b01f4d6e58860cbfbad674024ae98af0
SHA1
93919c4013bb080986a298e589729437751c0514
SHA256
c7186def2bb6152289700ba76f681460138d28885aaad97ad3fdb7023be57bdf
SHA512
19530c658c87d45355019bcd3acbefce0864ece679a6c7fb964136f01cb42d252ee21501feb49a76dd6c09d868eeb3f1a220a88180412db51bb8bc57a3c0daf1
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 7 IoCs
Processes:
regsvr32.exe
description | pid | process | target process
PID 384 wrote to memory of 1992 | 384 | regsvr32.exe | regsvr32.exe
PID 384 wrote to memory of 1992 | 384 | regsvr32.exe | regsvr32.exe
PID 384 wrote to memory of 1992 | 384 | regsvr32.exe | regsvr32.exe
PID 384 wrote to memory of 1992 | 384 | regsvr32.exe | regsvr32.exe
PID 384 wrote to memory of 1992 | 384 | regsvr32.exe | regsvr32.exe
PID 384 wrote to memory of 1992 | 384 | regsvr32.exe | regsvr32.exe
PID 384 wrote to memory of 1992 | 384 | regsvr32.exe | regsvr32.exe