f0593a3d3ea43e68f792fb2bd31c86d6383d4ff2b1965baffab97431ccac3434 | Triage

Analysis

max time kernel
121s
max time network
125s
platform
windows10_x64
resource
win10-en-20211208
submitted
15-01-2022 02:02

Sharing

Report Analysis Logs

General

Target

f0593a3d3ea43e68f792fb2bd31c86d6383d4ff2b1965baffab97431ccac3434.dll
Size

574KB
MD5

25be2749ff51bbb4a9e4db7a2fcb8191
SHA1

cc9989835037a424c1160c52de0c4904a0b1dfdc
SHA256

f0593a3d3ea43e68f792fb2bd31c86d6383d4ff2b1965baffab97431ccac3434
SHA512

db028783518afa24db8916a5af400d13024f9970267b0a1069f4d5197ee728a30d8a5720cfc32530ce75958fef927eaa6b80f76c10030562b550a155932b5713

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 6 IoCs

Processes:

regsvr32.exeregsvr32.exe

description	pid	process	target process
PID 3336 wrote to memory of 3676	3336	regsvr32.exe	regsvr32.exe
PID 3336 wrote to memory of 3676	3336	regsvr32.exe	regsvr32.exe
PID 3336 wrote to memory of 3676	3336	regsvr32.exe	regsvr32.exe
PID 3676 wrote to memory of 3348	3676	regsvr32.exe	rundll32.exe
PID 3676 wrote to memory of 3348	3676	regsvr32.exe	rundll32.exe
PID 3676 wrote to memory of 3348	3676	regsvr32.exe	rundll32.exe

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\f0593a3d3ea43e68f792fb2bd31c86d6383d4ff2b1965baffab97431ccac3434.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:3336

C:\Windows\SysWOW64\regsvr32.exe
/s C:\Users\Admin\AppData\Local\Temp\f0593a3d3ea43e68f792fb2bd31c86d6383d4ff2b1965baffab97431ccac3434.dll
2⤵
- Suspicious use of WriteProcessMemory
PID:3676

C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe "C:\Users\Admin\AppData\Local\Temp\f0593a3d3ea43e68f792fb2bd31c86d6383d4ff2b1965baffab97431ccac3434.dll",DllRegisterServer
3⤵
PID:3348

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3348-118-0x0000000000000000-mapping.dmp

Download
memory/3676-115-0x0000000000000000-mapping.dmp

Download
memory/3676-117-0x0000000002E05000-0x0000000002E06000-memory.dmp

Filesize
4KB

Download