Analysis
-
max time kernel
153s -
max time network
176s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
03/10/2022, 06:40
General
-
Target
5370badd7e004d9a29640df79ac08ff57ba3e873f983585d570392cbb0141bdc.dll
-
Size
210KB
-
MD5
0122b14b68c4fed563ce1d72fe82021c
-
SHA1
676983f6d0fbfe0e7445bc0f34d27de77c2541c5
-
SHA256
5370badd7e004d9a29640df79ac08ff57ba3e873f983585d570392cbb0141bdc
-
SHA512
eb907f92392d1b34fe5f371d67778ccad1ceea698d59e2d6c12ed8c9446ba660cf494e26a81457ddb36cf97c852bdcf9e9af544628fc07dd4ae50c6019ce2126
-
SSDEEP
3072:yuhE6zRk4hNDCDkcwFLb/9CZtzLIq01wnkvYSg7dHLV/k3tZ9k82yrnd+2jWA:yuhhNDtrHMzgL1wk6BMtZ/2yAhA
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\regsvr32.exeregsvr32 /s C:\Users\Admin\AppData\Local\Temp\5370badd7e004d9a29640df79ac08ff57ba3e873f983585d570392cbb0141bdc.dll1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\regsvr32.exe/s C:\Users\Admin\AppData\Local\Temp\5370badd7e004d9a29640df79ac08ff57ba3e873f983585d570392cbb0141bdc.dll2⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 980 -s 5963⤵
- Program crash
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 980 -ip 9801⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 456 -p 980 -ip 9801⤵