Analysis
-
max time kernel
119s -
max time network
126s -
platform
windows10_x64 -
resource
win10-en-20211208 -
submitted
15-01-2022 01:45
Static task
static1
Behavioral task
behavioral1
Sample
3520878d12fec8f7551b20ad31d067d9ea3be19c7cd48232213662f24eff994f.dll
Resource
win10-en-20211208
General
-
Target
3520878d12fec8f7551b20ad31d067d9ea3be19c7cd48232213662f24eff994f.dll
-
Size
574KB
-
MD5
91fca0bee57f8e0b963df4b6bfe5587c
-
SHA1
ae046e3a69f965a217eb63b609dd55e33a4f23c6
-
SHA256
3520878d12fec8f7551b20ad31d067d9ea3be19c7cd48232213662f24eff994f
-
SHA512
20f759b676babaa81c3d1f3fe464bc8a5ed9eb80504d8765a207e5af09004e53f25f18c161ef2d6f6d80c0a228f67493c7caeccb18fffa115c248005f840e06b
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory ⋅ 6 IoCs
Processes:
regsvr32.exeregsvr32.exedescription pid process target process PID 2532 wrote to memory of 2736 2532 regsvr32.exe regsvr32.exe PID 2532 wrote to memory of 2736 2532 regsvr32.exe regsvr32.exe PID 2532 wrote to memory of 2736 2532 regsvr32.exe regsvr32.exe PID 2736 wrote to memory of 3032 2736 regsvr32.exe rundll32.exe PID 2736 wrote to memory of 3032 2736 regsvr32.exe rundll32.exe PID 2736 wrote to memory of 3032 2736 regsvr32.exe rundll32.exe
Processes
-
C:\Windows\system32\regsvr32.exePID:2532regsvr32 /s C:\Users\Admin\AppData\Local\Temp\3520878d12fec8f7551b20ad31d067d9ea3be19c7cd48232213662f24eff994f.dllSuspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\regsvr32.exePID:2736/s C:\Users\Admin\AppData\Local\Temp\3520878d12fec8f7551b20ad31d067d9ea3be19c7cd48232213662f24eff994f.dllSuspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exePID:3032C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Local\Temp\3520878d12fec8f7551b20ad31d067d9ea3be19c7cd48232213662f24eff994f.dll",DllRegisterServer
Network
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Replay Monitor
00:00
00:00
Loading data