3e5c5c43ff578fe2c8a1c61f2b5261705de7759df9cb819c129248c1a74d6250 | Triage

Analysis

max time kernel
121s
max time network
124s
platform
windows10_x64
resource
win10-en-20211208
submitted
15-01-2022 01:09

Sharing

Report Analysis Logs

General

Target

3e5c5c43ff578fe2c8a1c61f2b5261705de7759df9cb819c129248c1a74d6250.dll
Size

574KB
MD5

bfecd3b4c0ca3f50befe5bad0e0c6e1f
SHA1

e5c141efee9d269cbbec3e71030de7eca7a82f59
SHA256

3e5c5c43ff578fe2c8a1c61f2b5261705de7759df9cb819c129248c1a74d6250
SHA512

97cfd162946e29f9394809b1f6c831e95e43f6297261f5825f2b7715b25b26c62ec696089f57e9b47773f6bc14997bac805d69c0aa835d88c8e9e1234e8665da

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 6 IoCs

Processes:

regsvr32.exeregsvr32.exe

description	pid	process	target process
PID 2644 wrote to memory of 3928	2644	regsvr32.exe	regsvr32.exe
PID 2644 wrote to memory of 3928	2644	regsvr32.exe	regsvr32.exe
PID 2644 wrote to memory of 3928	2644	regsvr32.exe	regsvr32.exe
PID 3928 wrote to memory of 2620	3928	regsvr32.exe	rundll32.exe
PID 3928 wrote to memory of 2620	3928	regsvr32.exe	rundll32.exe
PID 3928 wrote to memory of 2620	3928	regsvr32.exe	rundll32.exe

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\3e5c5c43ff578fe2c8a1c61f2b5261705de7759df9cb819c129248c1a74d6250.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:2644

C:\Windows\SysWOW64\regsvr32.exe
/s C:\Users\Admin\AppData\Local\Temp\3e5c5c43ff578fe2c8a1c61f2b5261705de7759df9cb819c129248c1a74d6250.dll
2⤵
- Suspicious use of WriteProcessMemory
PID:3928

C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Local\Temp\3e5c5c43ff578fe2c8a1c61f2b5261705de7759df9cb819c129248c1a74d6250.dll",DllRegisterServer
3⤵
PID:2620

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2620-118-0x0000000000000000-mapping.dmp

Download
memory/3928-115-0x0000000000000000-mapping.dmp

Download
memory/3928-117-0x0000000002A95000-0x0000000002A96000-memory.dmp

Filesize
4KB

Download