Overview

overview

10

Static

static

10

trespay.dll

windows7-x64

1

trespay.dll

windows10-2004-x64

10

Resubmissions

25-07-2022 08:34

220725-kgh6wabefn 10

Analysis

  • max time kernel
    46s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220715-en
  • resource tags

    arch:x64arch:x86image:win7-20220715-enlocale:en-usos:windows7-x64system
  • submitted
    25-07-2022 08:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    trespay.dll

  • Size

    126KB

  • MD5

    3e8576445e163033b0d47403223270eb

  • SHA1

    b516e6ce199b43d997eac2f3a41d537997e103ef

  • SHA256

    f161a836afdfcf9341cae1cc806404ff178b061266e71e587117b987ed36029d

  • SHA512

    1c147b9c0ad43eeb8ea66e98c7186c5fea8a030cc2d0b92a87c1b7a14254fb5c8a996ec0a530fa91923601f8af4cc6130b12737173b9e74d52357d57ff3fea4f

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\trespay.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1972
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\trespay.dll
      2⤵
        PID:1000

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1000-55-0x0000000000000000-mapping.dmp
      Download
    • memory/1000-56-0x0000000075371000-0x0000000075373000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1972-54-0x000007FEFB931000-0x000007FEFB933000-memory.dmp
      Filesize

      8KB

      Download