Analysis

  • max time kernel
    121s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    21-01-2022 23:05

General

  • Target

    d547358d7506e4985ccbf497c58ca5a1767b38e35913521ebd50928f896f7ac7.dll

  • Size

    360KB

  • MD5

    5e840e5cc4167379d7efd5b85fd31e43

  • SHA1

    5245f1fe2a99267891a50593539929d02414c421

  • SHA256

    d547358d7506e4985ccbf497c58ca5a1767b38e35913521ebd50928f896f7ac7

  • SHA512

    bd66cc24b3ded27cb333f5908be365f55423c3898636c4fffd3fcbf53a8471c8e84773d13fe71d1cfb210ec3552684fa94a8d169e05a07af3f4339b65581a345

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\d547358d7506e4985ccbf497c58ca5a1767b38e35913521ebd50928f896f7ac7.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1700
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\d547358d7506e4985ccbf497c58ca5a1767b38e35913521ebd50928f896f7ac7.dll
      2⤵
        PID:836

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/836-56-0x0000000075F91000-0x0000000075F93000-memory.dmp

      Filesize

      8KB

    • memory/836-57-0x0000000000170000-0x0000000000171000-memory.dmp

      Filesize

      4KB

    • memory/1700-55-0x000007FEFBD21000-0x000007FEFBD23000-memory.dmp

      Filesize

      8KB