Analysis
-
max time kernel
121s -
max time network
126s -
platform
windows10_x64 -
resource
win10-en-20211208 -
submitted
15-01-2022 01:45
Static task
static1
Behavioral task
behavioral1
Sample
f514a6cd9bc1c4e8e450b468f543763062b321111ca26d6fe0f3f236a0a93742.dll
Resource
win10-en-20211208
General
-
Target
f514a6cd9bc1c4e8e450b468f543763062b321111ca26d6fe0f3f236a0a93742.dll
-
Size
574KB
-
MD5
b55bd7d7833da0e8284b0794e1858c66
-
SHA1
f65890c4555db363b0b51de9405df2d8ad8d6df8
-
SHA256
f514a6cd9bc1c4e8e450b468f543763062b321111ca26d6fe0f3f236a0a93742
-
SHA512
b317056933835eeff747f7b26a5e2e8027c89c4ac040f9ccf2d3d1ac0edd19088c557c96eaf46096aca1b0a9645028d3ab7ad95cd43e1fc8a82ee60ad0840752
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory ⋅ 6 IoCs
Processes:
regsvr32.exeregsvr32.exedescription pid process target process PID 2708 wrote to memory of 2744 2708 regsvr32.exe regsvr32.exe PID 2708 wrote to memory of 2744 2708 regsvr32.exe regsvr32.exe PID 2708 wrote to memory of 2744 2708 regsvr32.exe regsvr32.exe PID 2744 wrote to memory of 3664 2744 regsvr32.exe rundll32.exe PID 2744 wrote to memory of 3664 2744 regsvr32.exe rundll32.exe PID 2744 wrote to memory of 3664 2744 regsvr32.exe rundll32.exe
Processes
-
C:\Windows\system32\regsvr32.exePID:2708regsvr32 /s C:\Users\Admin\AppData\Local\Temp\f514a6cd9bc1c4e8e450b468f543763062b321111ca26d6fe0f3f236a0a93742.dllSuspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\regsvr32.exePID:2744/s C:\Users\Admin\AppData\Local\Temp\f514a6cd9bc1c4e8e450b468f543763062b321111ca26d6fe0f3f236a0a93742.dllSuspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exePID:3664C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Local\Temp\f514a6cd9bc1c4e8e450b468f543763062b321111ca26d6fe0f3f236a0a93742.dll",DllRegisterServer
Network
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Replay Monitor
00:00
00:00
Loading data