Resubmissions

21-09-2021 13:24

210921-qne1paccdj 10

13-09-2021 16:36

210913-t4p3dahbgm 4

Analysis

  • max time kernel
    45s
  • max time network
    53s
  • platform
    windows7_x64
  • resource
    win7v20210408
  • submitted
    21-09-2021 13:24

General

  • Target

    090921.gif.dll

  • Size

    383KB

  • MD5

    479dae0f72f4d57bd20e0bf8cb3ebdf7

  • SHA1

    b49f31a7d8f68ca307f3d0abcf4d05313ee2b844

  • SHA256

    4f68558fb7a921b837926ca4e87fecba073f551a44c88109453a1a8099d003b6

  • SHA512

    afb0a6fc0c7783f04a22ec721543084e0532f87c7903c42b831c8954aceb231b099f87c3da3edabd1c9b36045cc4b3747b27e386f37b3fbac349c0036717d63d

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\090921.gif.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1684
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\090921.gif.dll
      2⤵
      • Drops file in Windows directory
      PID:1340

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1340-62-0x0000000075B31000-0x0000000075B33000-memory.dmp

    Filesize

    8KB

  • memory/1340-63-0x00000000001B0000-0x00000000001B1000-memory.dmp

    Filesize

    4KB

  • memory/1684-60-0x000007FEFC2E1000-0x000007FEFC2E3000-memory.dmp

    Filesize

    8KB