834fe976c06fb74a7d444fe299d0f9187637b4f643da798ed36fe84135eecacb | Triage

Analysis

max time kernel
159s
max time network
201s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
23-11-2022 16:41

Sharing

Report Analysis Logs

General

Target

DataCrypter4.dll
Size

269KB
MD5

d7a0a16b9c34ff96bc6e2876174dc4c5
SHA1

39787581ffd22579c0eb208e0408d42e094e48ae
SHA256

d8eb75c2eb1452ebd054faf79fd2d7181323a0972bbcb1d5dca0778f5b6e9297
SHA512

cbd58ae4b9050470651981dd05533cd333fab3b9544294b9798212fe3ee428e5445ee3606fe847f6e7218b07a493afab35325d988c614ea3a181f03886d1834d
SSDEEP

6144:NETQUoNDS7/RiwFYyS6PUp4RASqzmr2gyJYnmijB1:CTQ1NDSjRjFQ6NAg

Score

1^/10

Malware Config

Signatures

Modifies registry class 9 IoCs

Processes:

regsvr32.exe

description	ioc	process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{8405D0DF-9FDD-4829-AEAD-8E2B0A18FEA4}\1.0	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\InkEd.InkEdit\CLSID	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E5CA59F5-57C4-4DD8-9BD6-1DEEEDD27AF4}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{8405D0DF-9FDD-4829-AEAD-8E2B0A18FEA4}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\InkEd.InkEdit	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E5CA59F5-57C4-4DD8-9BD6-1DEEEDD27AF4}\ToolboxBitmap32	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{8405D0DF-9FDD-4829-AEAD-8E2B0A18FEA4}\1.0\HELPDIR	regsvr32.exe

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\DataCrypter4.dll
1⤵
- Modifies registry class
PID:3516

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads