8308975ce3092d911742cc0d5b83f17c04a7673fb50d00580429388b7aa0bd27 | Triage

Resubmissions

21-09-2021 13:24

210921-qnpvwsccdk 10

14-09-2021 11:19

210914-ne2rzsafbp 1

Analysis

max time kernel
147s
max time network
122s
platform
windows10_x64
resource
win10v20210408
submitted
14-09-2021 11:19

Sharing

Report Analysis Logs

General

Target

090921.dll
Size

367KB
MD5

7fcab487b86152ad589d53d936d4c55c
SHA1

7cc03d7e00679fc2ac866860a72d1a78bee37c2a
SHA256

8308975ce3092d911742cc0d5b83f17c04a7673fb50d00580429388b7aa0bd27
SHA512

70b0938b07f7695ecb7b69d36bdf8b4bf72ad3ea2282057f0b63bdcd54d619a935aed6da439b779dbf4ba621cdc9a0472cc9bfa97c3fccea126a6ffadcd8c9ff

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 632 wrote to memory of 904	632	regsvr32.exe	68
PID 632 wrote to memory of 904	632	regsvr32.exe	68
PID 632 wrote to memory of 904	632	regsvr32.exe	68

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\090921.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:632
- C:\Windows\SysWOW64\regsvr32.exe
  /s C:\Users\Admin\AppData\Local\Temp\090921.dll
  2⤵
  PID:904

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/904-116-0x0000000010000000-0x0000000010067000-memory.dmp

Filesize
412KB

Download
memory/904-115-0x00000000009B0000-0x0000000000AFA000-memory.dmp

Filesize
1.3MB

Download