Analysis

  • max time kernel
    3s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7v20210410
  • submitted
    30-07-2021 09:06

General

  • Target

    CaLibraryPro.dll

  • Size

    292KB

  • MD5

    6f06fe635505abb6811885210c10b1bf

  • SHA1

    62d5a79c575e8a12bbf6cc60999d172edf774368

  • SHA256

    0318676264b86a477e3404ef0a09ce418768d8f893f6ccc44dbe072afe057ecd

  • SHA512

    9eb256d0dee801e29d6097b5d15fdd55d15e76b44dfc52c3587a7b3bce709b319125e0ae34eb99f3284884ccc243add9a878fefa0f31a9de6f2f1d2a0fdadc1d

Score
1/10

Malware Config

Signatures

  • Modifies registry class 64 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\CaLibraryPro.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1672
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\CaLibraryPro.dll
      2⤵
      • Modifies registry class
      PID:1208

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1208-61-0x0000000000000000-mapping.dmp
  • memory/1208-62-0x00000000768B1000-0x00000000768B3000-memory.dmp
    Filesize

    8KB

  • memory/1672-60-0x000007FEFC221000-0x000007FEFC223000-memory.dmp
    Filesize

    8KB