Analysis
-
max time kernel
145s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20220721-en -
resource tags
arch:x64arch:x86image:win10v2004-20220721-enlocale:en-usos:windows10-2004-x64system -
submitted
09-08-2022 09:52
Static task
static1
Behavioral task
behavioral1
Sample
62f22e2c25958.dll
Resource
win7-20220715-en
windows7-x64
4 signatures
150 seconds
General
-
Target
62f22e2c25958.dll
-
Size
1.2MB
-
MD5
a40bf122a2f0617e31a60e0122b41b73
-
SHA1
761a6c8fa9b2f119f3d99a77a37a24a9783e3d6b
-
SHA256
338d326973acb3c5260a943498ee13668c86d6d375e0005251392bef54b4aadc
-
SHA512
abe6492ce5fdc3d6a5a835f75a7d017e12256a1c9c80dda02c047e4ff8e61632a29d9158536e7f110b7521ed66accb749be215d8fad547d5d440c7e243c18d9e
Malware Config
Signatures
-
Detects SVCReady loader 1 IoCs
resource yara_rule behavioral2/memory/3372-131-0x0000000010000000-0x0000000010091000-memory.dmp family_svcready -
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 2892 wrote to memory of 3372 2892 regsvr32.exe 81 PID 2892 wrote to memory of 3372 2892 regsvr32.exe 81 PID 2892 wrote to memory of 3372 2892 regsvr32.exe 81