83be46fa3dd14a443b850897e5c97c7e2dbdffd6ac38e2a3ddf95ec1051fc3af

Analysis

max time kernel
143s
max time network
159s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
12-10-2022 17:11

Target

83be46fa3dd14a443b850897e5c97c7e2dbdffd6ac38e2a3ddf95ec1051fc3af.dll
Size

116KB
MD5

61b5ac84a8e7aed940742d4927189c7c
SHA1

7fb03d8b24e02533ed627c44d72b5f1589d0cb0b
SHA256

83be46fa3dd14a443b850897e5c97c7e2dbdffd6ac38e2a3ddf95ec1051fc3af
SHA512

ad06e8f81ee79811d1fec9911da845f67420d3847c98b7cfc86f25dfb02306dc4ae456307e304e306cbae1bb08b64d52104ed3a01ac7a35d88457b6e5b5c5dd0
SSDEEP

768:bnzQoiSUqZOXQnSrovwCOCu2lqWfmw/1F/+w+A0BfNlSyEA0fOt5EMlj4u81Sq96:bnzQvFqZWQBbHxewd0LlSyEcxq96

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4944 wrote to memory of 4912	4944	regsvr32.exe	83
PID 4944 wrote to memory of 4912	4944	regsvr32.exe	83
PID 4944 wrote to memory of 4912	4944	regsvr32.exe	83

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\83be46fa3dd14a443b850897e5c97c7e2dbdffd6ac38e2a3ddf95ec1051fc3af.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:4944
- C:\Windows\SysWOW64\regsvr32.exe
  /s C:\Users\Admin\AppData\Local\Temp\83be46fa3dd14a443b850897e5c97c7e2dbdffd6ac38e2a3ddf95ec1051fc3af.dll
  2⤵
  PID:4912