Overview

overview

5

Static

static

10

Iwowtiou1.dll

windows7_x64

5

Iwowtiou1.dll

windows10_x64

5

Resubmissions

13-09-2021 11:30

210913-nl7ltagfcj 10

05-09-2021 00:47

210905-a5b3cshfhr 10

Analysis

  • max time kernel
    140s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-en
  • submitted
    05-09-2021 00:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Iwowtiou1.dll

  • Size

    4.5MB

  • MD5

    81b5922c26d007efa85d746f7e5cd175

  • SHA1

    44b20bc1d9781cb19fd322043ea8cc549430a817

  • SHA256

    0aa4eccf0ba03e7269c132d4542f13af44a7cb5c25ee156694e8e230bb6ef348

  • SHA512

    81990781ce8fc6f660f6dd8dceb2dce05a0b07e77d79d2323a5b07a94ce70edc88f5c8b0692850d565ba59f3c2ae0c885281e52740228e60b1527715af8d2d56

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\Iwowtiou1.dll
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:1664

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1664-52-0x000007FEFB591000-0x000007FEFB593000-memory.dmp

    Filesize

    8KB

    Download