Analysis
-
max time kernel
45s -
max time network
53s -
platform
windows7_x64 -
resource
win7v20210408 -
submitted
21-09-2021 13:24
Static task
static1
Behavioral task
behavioral1
Sample
090921.gif.dll
Resource
win7v20210408
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
090921.gif.dll
Resource
win10-en-20210920
windows10_x64
0 signatures
0 seconds
General
-
Target
090921.gif.dll
-
Size
383KB
-
MD5
479dae0f72f4d57bd20e0bf8cb3ebdf7
-
SHA1
b49f31a7d8f68ca307f3d0abcf4d05313ee2b844
-
SHA256
4f68558fb7a921b837926ca4e87fecba073f551a44c88109453a1a8099d003b6
-
SHA512
afb0a6fc0c7783f04a22ec721543084e0532f87c7903c42b831c8954aceb231b099f87c3da3edabd1c9b36045cc4b3747b27e386f37b3fbac349c0036717d63d
Score
4/10
Malware Config
Signatures
-
Drops file in Windows directory 1 IoCs
description ioc Process File opened for modification C:\Windows\ regsvr32.exe -
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 1684 wrote to memory of 1340 1684 regsvr32.exe 25 PID 1684 wrote to memory of 1340 1684 regsvr32.exe 25 PID 1684 wrote to memory of 1340 1684 regsvr32.exe 25 PID 1684 wrote to memory of 1340 1684 regsvr32.exe 25 PID 1684 wrote to memory of 1340 1684 regsvr32.exe 25 PID 1684 wrote to memory of 1340 1684 regsvr32.exe 25 PID 1684 wrote to memory of 1340 1684 regsvr32.exe 25