6244cb7d824cce770ca075a5d3e6fdc4b21777591e29c5d669c12b6cc4b0bd8a | Triage

Analysis

max time kernel
119s
max time network
119s
platform
windows10_x64
resource
win10-en-20211208
submitted
15-01-2022 01:37

Sharing

Report Analysis Logs

General

Target

6244cb7d824cce770ca075a5d3e6fdc4b21777591e29c5d669c12b6cc4b0bd8a.dll
Size

574KB
MD5

c1efe399005db6fe5782912f48313645
SHA1

00c8f2fe951fa815cf332e1bf4d9f269cacc548f
SHA256

6244cb7d824cce770ca075a5d3e6fdc4b21777591e29c5d669c12b6cc4b0bd8a
SHA512

7e9ae5eca2e811849a85dc26820d5a28e0c9b08fe6e35da4238cef1387f8ac19378a5c2cc8d5d066b025f405229f122d74ee9537a63856dc522beefc4a6b680b

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 6 IoCs

Processes:

regsvr32.exeregsvr32.exe

description	pid	process	target process
PID 2328 wrote to memory of 2712	2328	regsvr32.exe	regsvr32.exe
PID 2328 wrote to memory of 2712	2328	regsvr32.exe	regsvr32.exe
PID 2328 wrote to memory of 2712	2328	regsvr32.exe	regsvr32.exe
PID 2712 wrote to memory of 2724	2712	regsvr32.exe	rundll32.exe
PID 2712 wrote to memory of 2724	2712	regsvr32.exe	rundll32.exe
PID 2712 wrote to memory of 2724	2712	regsvr32.exe	rundll32.exe

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\6244cb7d824cce770ca075a5d3e6fdc4b21777591e29c5d669c12b6cc4b0bd8a.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:2328

C:\Windows\SysWOW64\regsvr32.exe
/s C:\Users\Admin\AppData\Local\Temp\6244cb7d824cce770ca075a5d3e6fdc4b21777591e29c5d669c12b6cc4b0bd8a.dll
2⤵
- Suspicious use of WriteProcessMemory
PID:2712

C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Local\Temp\6244cb7d824cce770ca075a5d3e6fdc4b21777591e29c5d669c12b6cc4b0bd8a.dll",DllRegisterServer
3⤵
PID:2724

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2712-115-0x0000000000000000-mapping.dmp

Download
memory/2712-117-0x0000000002E05000-0x0000000002E06000-memory.dmp

Filesize
4KB

Download
memory/2724-118-0x0000000000000000-mapping.dmp

Download