cc20e1f2eafe922e727c0d12e8ee576d0ebd06d9fa0a60c727c250ee1d48e27c | Triage

Analysis

max time kernel
120s
max time network
119s
platform
windows10_x64
resource
win10-en-20211208
submitted
15-01-2022 01:09

Sharing

Report Analysis Logs

General

Target

cc20e1f2eafe922e727c0d12e8ee576d0ebd06d9fa0a60c727c250ee1d48e27c.dll
Size

574KB
MD5

7a4920175f5401be98e1f76ad495233e
SHA1

37188977293df0994edb708423ab7596953b1219
SHA256

cc20e1f2eafe922e727c0d12e8ee576d0ebd06d9fa0a60c727c250ee1d48e27c
SHA512

a8f1239388f76cd49b64710ead30dace872831fb79de62588225a5ce3a856b89fa8a9874eb90f98cb58005bfdf3cd48f4dfd53a21d5e8710179a83bb29b8bed7

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 6 IoCs

Processes:

regsvr32.exeregsvr32.exe

description	pid	process	target process
PID 3712 wrote to memory of 3596	3712	regsvr32.exe	regsvr32.exe
PID 3712 wrote to memory of 3596	3712	regsvr32.exe	regsvr32.exe
PID 3712 wrote to memory of 3596	3712	regsvr32.exe	regsvr32.exe
PID 3596 wrote to memory of 3736	3596	regsvr32.exe	rundll32.exe
PID 3596 wrote to memory of 3736	3596	regsvr32.exe	rundll32.exe
PID 3596 wrote to memory of 3736	3596	regsvr32.exe	rundll32.exe

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\cc20e1f2eafe922e727c0d12e8ee576d0ebd06d9fa0a60c727c250ee1d48e27c.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:3712

C:\Windows\SysWOW64\regsvr32.exe
/s C:\Users\Admin\AppData\Local\Temp\cc20e1f2eafe922e727c0d12e8ee576d0ebd06d9fa0a60c727c250ee1d48e27c.dll
2⤵
- Suspicious use of WriteProcessMemory
PID:3596

C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Local\Temp\cc20e1f2eafe922e727c0d12e8ee576d0ebd06d9fa0a60c727c250ee1d48e27c.dll",DllRegisterServer
3⤵
PID:3736

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3596-118-0x0000000000000000-mapping.dmp

Download
memory/3596-120-0x0000000002EE5000-0x0000000002EE6000-memory.dmp

Filesize
4KB

Download
memory/3736-121-0x0000000000000000-mapping.dmp

Download