Analysis
max time kernel: 15s
max time network: 18s
platform: windows7_x64
resource: win7-en-20211208
submitted: 14-02-2022 21:27
Behavioral task: behavioral1
Sample: zloader.dll
Resource: win7-en-20211208, windows7_x64
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: zloader.dll
Resource: win10v2004-en-20220112, windows10-2004_x64
0 signatures
0 seconds
General
Target: zloader.dll
Size: 184KB
MD5: 6e652cd4720937ac31e113a4c6496e82
SHA1: 599c42dd72c1469120b64470c17efc7d0ece9910
SHA256: c21fbf33fe025c03f38ce6190fd011f01a3e9c03d99acd7648845c28ccbc3777
SHA512: b906150fb492d20a9263b68e700444f8014135d89c6a520c13561cf9d0fe3d83e31980c44a86db87a1671a34e298049acb35e53cffdfe0f69b9cbd96426d97ef
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 7 IoCs
Processes:
regsvr32.exe
description | pid | process | target process
PID 1608 wrote to memory of 1696 | 1608 | regsvr32.exe | regsvr32.exe
PID 1608 wrote to memory of 1696 | 1608 | regsvr32.exe | regsvr32.exe
PID 1608 wrote to memory of 1696 | 1608 | regsvr32.exe | regsvr32.exe
PID 1608 wrote to memory of 1696 | 1608 | regsvr32.exe | regsvr32.exe
PID 1608 wrote to memory of 1696 | 1608 | regsvr32.exe | regsvr32.exe
PID 1608 wrote to memory of 1696 | 1608 | regsvr32.exe | regsvr32.exe
PID 1608 wrote to memory of 1696 | 1608 | regsvr32.exe | regsvr32.exe