80038c090fbf3cca356f5223ae0061c109055c76b8f7f1ecb02597a02ffbfccb | Triage

Analysis

max time kernel
110s
max time network
110s
platform
windows10_x64
resource
win10-en-20211208
submitted
15-01-2022 01:26

Sharing

Report Analysis Logs

General

Target

80038c090fbf3cca356f5223ae0061c109055c76b8f7f1ecb02597a02ffbfccb.dll
Size

574KB
MD5

785990dc066cb6e957c8fe0aae8b0951
SHA1

9d266cb4c8950ecedba3efac74d228414a024715
SHA256

80038c090fbf3cca356f5223ae0061c109055c76b8f7f1ecb02597a02ffbfccb
SHA512

3b6ceb6dca6a0f59865bf1bfe049dd64e855a80787cee9c1e303d6a536f9dc4e0712a14e504a0582a47a4cc4b510098519137f0b30803c82bfc4e81c774874ce

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 6 IoCs

Processes:

regsvr32.exeregsvr32.exe

description	pid	process	target process
PID 3784 wrote to memory of 3768	3784	regsvr32.exe	regsvr32.exe
PID 3784 wrote to memory of 3768	3784	regsvr32.exe	regsvr32.exe
PID 3784 wrote to memory of 3768	3784	regsvr32.exe	regsvr32.exe
PID 3768 wrote to memory of 1908	3768	regsvr32.exe	rundll32.exe
PID 3768 wrote to memory of 1908	3768	regsvr32.exe	rundll32.exe
PID 3768 wrote to memory of 1908	3768	regsvr32.exe	rundll32.exe

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\80038c090fbf3cca356f5223ae0061c109055c76b8f7f1ecb02597a02ffbfccb.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:3784

C:\Windows\SysWOW64\regsvr32.exe
/s C:\Users\Admin\AppData\Local\Temp\80038c090fbf3cca356f5223ae0061c109055c76b8f7f1ecb02597a02ffbfccb.dll
2⤵
- Suspicious use of WriteProcessMemory
PID:3768

C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Local\Temp\80038c090fbf3cca356f5223ae0061c109055c76b8f7f1ecb02597a02ffbfccb.dll",DllRegisterServer
3⤵
PID:1908

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1908-118-0x0000000000000000-mapping.dmp

Download
memory/3768-115-0x0000000000000000-mapping.dmp

Download
memory/3768-117-0x0000000002D45000-0x0000000002D46000-memory.dmp

Filesize
4KB

Download