52fb3c04bce3b71fce210161d8c711740b316ffbfe30e944e03e90725c1ac77f | Triage

Analysis

max time kernel
167s
max time network
181s
platform
windows10_x64
resource
win10-en-20211104
submitted
13-11-2021 17:36

Sharing

Report Analysis Logs

General

Target

52fb3c04bce3b71fce210161d8c711740b316ffbfe30e944e03e90725c1ac77f.dll
Size

64KB
MD5

d2e63ea0d743dc301a9823b3bede44c5
SHA1

9f4376a6ca06a8ad955e99518064da13ce28b74f
SHA256

52fb3c04bce3b71fce210161d8c711740b316ffbfe30e944e03e90725c1ac77f
SHA512

ff729f7f982cb812d64f38b7d89165d0cbcf72d21248ecbb2c54eb5dc2cee350bfd9023ce323dacedef0a8e26321f08fda121ed606c3d04be0269a296604cdbc

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 288 wrote to memory of 1892	288	regsvr32.exe	68
PID 288 wrote to memory of 1892	288	regsvr32.exe	68
PID 288 wrote to memory of 1892	288	regsvr32.exe	68

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\52fb3c04bce3b71fce210161d8c711740b316ffbfe30e944e03e90725c1ac77f.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:288
- C:\Windows\SysWOW64\regsvr32.exe
  /s C:\Users\Admin\AppData\Local\Temp\52fb3c04bce3b71fce210161d8c711740b316ffbfe30e944e03e90725c1ac77f.dll
  2⤵
  PID:1892

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads