Resubmissions
25-07-2022 08:34
220725-kgh6wabefn 10
Analysis
- max time kernel: 46s
- max time network: 49s
- platform: windows7_x64
- resource: win7-20220715-en
- resource tags: arch:x64, arch:x86, image:win7-20220715-en, locale:en-us, os:windows7-x64, system
- submitted: 25-07-2022 08:34
Behavioral task
behavioral1
Sample
trespay.dll
Resource
win7-20220715-en
windows7-x64
1 signatures
150 seconds
General
- Target: trespay.dll
- Size: 126KB
- MD5: 3e8576445e163033b0d47403223270eb
- SHA1: b516e6ce199b43d997eac2f3a41d537997e103ef
- SHA256: f161a836afdfcf9341cae1cc806404ff178b061266e71e587117b987ed36029d
- SHA512: 1c147b9c0ad43eeb8ea66e98c7186c5fea8a030cc2d0b92a87c1b7a14254fb5c8a996ec0a530fa91923601f8af4cc6130b12737173b9e74d52357d57ff3fea4f
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (7 IoCs)
Processes: regsvr32.exe
description | pid | process | target process
PID 1972 wrote to memory of 1000 | 1972 | regsvr32.exe | regsvr32.exe
PID 1972 wrote to memory of 1000 | 1972 | regsvr32.exe | regsvr32.exe
PID 1972 wrote to memory of 1000 | 1972 | regsvr32.exe | regsvr32.exe
PID 1972 wrote to memory of 1000 | 1972 | regsvr32.exe | regsvr32.exe
PID 1972 wrote to memory of 1000 | 1972 | regsvr32.exe | regsvr32.exe
PID 1972 wrote to memory of 1000 | 1972 | regsvr32.exe | regsvr32.exe
PID 1972 wrote to memory of 1000 | 1972 | regsvr32.exe | regsvr32.exe