Analysis
max time kernel: 119s
max time network: 121s
platform: windows10_x64
resource: win10-en-20211208
submitted: 15-01-2022 01:17

Static task: static1
Behavioral task: behavioral1
Sample: c5dea477d2e029d1d2debe478a1d60533d49a88652f7ffe7e7ea3fa0983b4dbe.dll
Resource: win10-en-20211208

General
Target: c5dea477d2e029d1d2debe478a1d60533d49a88652f7ffe7e7ea3fa0983b4dbe.dll
Size: 574KB
MD5: 5210374af655542588f7317f80f7d5da
SHA1: 8f262a120075b22ca01ba883d47fcabb7558a6bc
SHA256: c5dea477d2e029d1d2debe478a1d60533d49a88652f7ffe7e7ea3fa0983b4dbe
SHA512: 73bb48bd9c8e93dffd51c8aa89e852d026ddb97ef478a259a3fb64b95926dc5f1d6c38547e6315eeae72b1930114aa7ac4b01c0772e66c4e80e6d92764af5662
Score: 1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (6 IoCs)
  Processes:
  description                        pid   process       target process
  PID 3544 wrote to memory of 3796   3544  regsvr32.exe  regsvr32.exe
  PID 3544 wrote to memory of 3796   3544  regsvr32.exe  regsvr32.exe
  PID 3544 wrote to memory of 3796   3544  regsvr32.exe  regsvr32.exe
  PID 3796 wrote to memory of 300    3796  regsvr32.exe  rundll32.exe
  PID 3796 wrote to memory of 300    3796  regsvr32.exe  rundll32.exe
  PID 3796 wrote to memory of 300    3796  regsvr32.exe  rundll32.exe
Processes (PIDs taken from the WriteProcessMemory IoCs; the tree is parent to child)
- C:\Windows\system32\regsvr32.exe (PID 3544)
  regsvr32 /s C:\Users\Admin\AppData\Local\Temp\c5dea477d2e029d1d2debe478a1d60533d49a88652f7ffe7e7ea3fa0983b4dbe.dll
  Suspicious use of WriteProcessMemory
  - C:\Windows\SysWOW64\regsvr32.exe (PID 3796)
    /s C:\Users\Admin\AppData\Local\Temp\c5dea477d2e029d1d2debe478a1d60533d49a88652f7ffe7e7ea3fa0983b4dbe.dll
    Suspicious use of WriteProcessMemory
    - C:\Windows\SysWOW64\rundll32.exe (PID 300)
      C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Local\Temp\c5dea477d2e029d1d2debe478a1d60533d49a88652f7ffe7e7ea3fa0983b4dbe.dll",DllRegisterServer

Reading the chain: the 64-bit regsvr32 in system32 relaunching its SysWOW64 counterpart is stock behaviour when the DLL is 32-bit, and WriteProcessMemory hits on a fresh parent-child pair are consistent with ordinary process creation rather than injection. The SysWOW64 regsvr32 spawning rundll32 against the same DLL with DllRegisterServer is not something regsvr32 does on its own; that launch originates from code running inside the DLL once its DllRegisterServer export is called. The 1/10 score therefore means only that no detection signature matched in this run, not that the sample is clean; the rundll32 hand-off is the part that merits manual review.
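The triage check a practitioner would run over the two sections above, as an added example that is not part of the sandbox report or its tooling: it parses the report's WriteProcessMemory IoC lines, deduplicates them into parent-child edges, rebuilds the process chain, and labels the regsvr32 64-bit-to-WOW64 relaunch as expected while flagging the regsvr32-to-rundll32 DllRegisterServer hand-off for review. The IoC text and command lines are copied from the report; the pid-to-command-line pairing follows the order of the process list (an assumption), and all function and field names are this example's own.

```python
import re

# Constructed input: the report's WriteProcessMemory IoC lines, verbatim
# (each parent/child pair is reported three times).
IOC_TEXT = """\
PID 3544 wrote to memory of 3796 3544 regsvr32.exe regsvr32.exe
PID 3544 wrote to memory of 3796 3544 regsvr32.exe regsvr32.exe
PID 3544 wrote to memory of 3796 3544 regsvr32.exe regsvr32.exe
PID 3796 wrote to memory of 300 3796 regsvr32.exe rundll32.exe
PID 3796 wrote to memory of 300 3796 regsvr32.exe rundll32.exe
PID 3796 wrote to memory of 300 3796 regsvr32.exe rundll32.exe
"""

SAMPLE = (r"C:\Users\Admin\AppData\Local\Temp"
          r"\c5dea477d2e029d1d2debe478a1d60533d49a88652f7ffe7e7ea3fa0983b4dbe.dll")

# Image path and command line per pid, from the report's process list.
# Assumption: the list order matches the pid order 3544 -> 3796 -> 300.
CMDLINES = {
    3544: (r"C:\Windows\system32\regsvr32.exe", f"regsvr32 /s {SAMPLE}"),
    3796: (r"C:\Windows\SysWOW64\regsvr32.exe", f"/s {SAMPLE}"),
    300: (r"C:\Windows\SysWOW64\rundll32.exe",
          f'C:\\Windows\\SysWOW64\\rundll32.exe "{SAMPLE}",DllRegisterServer'),
}

IOC_RE = re.compile(r"PID (\d+) wrote to memory of (\d+) \d+ (\S+) (\S+)")


def parse_iocs(text):
    """Return deduplicated (writer_pid, target_pid, writer_image, target_image) edges."""
    edges = []
    for m in IOC_RE.finditer(text):
        edge = (int(m.group(1)), int(m.group(2)), m.group(3), m.group(4))
        if edge not in edges:
            edges.append(edge)
    return edges


def parent_map(edges):
    """child pid -> parent pid, taking the writer as the parent."""
    return {dst: src for src, dst, _, _ in edges}


def ancestry(pid, parents):
    """Chain from the root process down to pid, e.g. [3544, 3796, 300]."""
    chain = [pid]
    while chain[-1] in parents:
        chain.append(parents[chain[-1]])
    return list(reversed(chain))


def classify(edges, cmdlines):
    """Label each edge. The system32 -> SysWOW64 regsvr32 relaunch is the normal
    path for a 32-bit DLL; a rundll32 child of regsvr32 that reloads the same DLL
    via DllRegisterServer is launched by the DLL's own code and needs review."""
    findings = []
    for src, dst, src_img, dst_img in edges:
        src_path, _ = cmdlines[src]
        dst_path, dst_cmd = cmdlines[dst]
        if (src_img == dst_img == "regsvr32.exe"
                and "system32" in src_path.lower()
                and "syswow64" in dst_path.lower()):
            findings.append((src, dst, "expected",
                             "64-bit regsvr32 relaunched its WOW64 counterpart"))
        elif (src_img == "regsvr32.exe" and dst_img == "rundll32.exe"
              and "DllRegisterServer" in dst_cmd):
            findings.append((src, dst, "review",
                             "regsvr32 does not spawn rundll32 itself; the DLL did"))
        else:
            findings.append((src, dst, "unclassified", ""))
    return findings


if __name__ == "__main__":
    edges = parse_iocs(IOC_TEXT)
    print("chain:", " -> ".join(map(str, ancestry(300, parent_map(edges)))))
    for src, dst, label, why in classify(edges, CMDLINES):
        print(f"{src} -> {dst}: {label:12s} {why}")
```

The parse step is deliberately tolerant of the report's repeated rows: the sandbox records one IoC per write call, so three identical lines collapse to one edge before the tree is built, and the chain length is what tells you how many hand-offs actually happened.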
Network
MITRE ATT&CK Matrix: no techniques mapped in any tactic column (Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation)