Analysis
-
max time kernel
81s -
max time network
148s -
platform
windows10_x64 -
resource
win10-en -
submitted
13-09-2021 16:36
Static task
static1
Behavioral task
behavioral1
Sample
090921.gif.dll
Resource
win7v20210408
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
090921.gif.dll
Resource
win10-en
windows10_x64
0 signatures
0 seconds
General
-
Target
090921.gif.dll
-
Size
383KB
-
MD5
479dae0f72f4d57bd20e0bf8cb3ebdf7
-
SHA1
b49f31a7d8f68ca307f3d0abcf4d05313ee2b844
-
SHA256
4f68558fb7a921b837926ca4e87fecba073f551a44c88109453a1a8099d003b6
-
SHA512
afb0a6fc0c7783f04a22ec721543084e0532f87c7903c42b831c8954aceb231b099f87c3da3edabd1c9b36045cc4b3747b27e386f37b3fbac349c0036717d63d
Score
4/10
Malware Config
Signatures
-
Drops file in Windows directory 1 IoCs
description ioc Process File opened for modification C:\Windows\ regsvr32.exe -
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 3992 wrote to memory of 4016 3992 regsvr32.exe 69 PID 3992 wrote to memory of 4016 3992 regsvr32.exe 69 PID 3992 wrote to memory of 4016 3992 regsvr32.exe 69