Analysis
-
max time kernel
121s -
max time network
127s -
platform
windows10_x64 -
resource
win10-en-20211208 -
submitted
15-01-2022 01:45
Static task
static1
Behavioral task
behavioral1
Sample
df98d9f9e8fa2d25d4542cbefd22f5b2d06c27f30f22c6a4585c595f9fc5fee8.dll
Resource
win10-en-20211208
General
-
Target
df98d9f9e8fa2d25d4542cbefd22f5b2d06c27f30f22c6a4585c595f9fc5fee8.dll
-
Size
574KB
-
MD5
cc0f99d0366aa8701b893da8a7a4d687
-
SHA1
d69bc10e77bfe3f4923b62cdb4f31ba6c3dc1d58
-
SHA256
df98d9f9e8fa2d25d4542cbefd22f5b2d06c27f30f22c6a4585c595f9fc5fee8
-
SHA512
42464b4f74b75c29d1c11f41a22a204c488239442431a3466e334ceedcc0e9d6ae560b82c45a51e6d3a8704f293b29eb63a544291e989e92404f21752bd7ea44
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory ⋅ 6 IoCs
Processes:
regsvr32.exeregsvr32.exedescription pid process target process PID 2408 wrote to memory of 2468 2408 regsvr32.exe regsvr32.exe PID 2408 wrote to memory of 2468 2408 regsvr32.exe regsvr32.exe PID 2408 wrote to memory of 2468 2408 regsvr32.exe regsvr32.exe PID 2468 wrote to memory of 2112 2468 regsvr32.exe rundll32.exe PID 2468 wrote to memory of 2112 2468 regsvr32.exe rundll32.exe PID 2468 wrote to memory of 2112 2468 regsvr32.exe rundll32.exe
Processes
-
C:\Windows\system32\regsvr32.exePID:2408regsvr32 /s C:\Users\Admin\AppData\Local\Temp\df98d9f9e8fa2d25d4542cbefd22f5b2d06c27f30f22c6a4585c595f9fc5fee8.dllSuspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\regsvr32.exePID:2468/s C:\Users\Admin\AppData\Local\Temp\df98d9f9e8fa2d25d4542cbefd22f5b2d06c27f30f22c6a4585c595f9fc5fee8.dllSuspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exePID:2112C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Local\Temp\df98d9f9e8fa2d25d4542cbefd22f5b2d06c27f30f22c6a4585c595f9fc5fee8.dll",DllRegisterServer
Network
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Replay Monitor
00:00
00:00
Loading data