Analysis
-
max time kernel
40s -
max time network
34s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
23-11-2022 21:03
General
-
Target
dc4f307982b440e2921e835393cba7f9dfaaa063d73318e74ae16a2e83a06c1c.dll
-
Size
104KB
-
MD5
53431a289eff001da16847d1080d568b
-
SHA1
42176c6d22bfe4851b1da18928268801f5b82d87
-
SHA256
dc4f307982b440e2921e835393cba7f9dfaaa063d73318e74ae16a2e83a06c1c
-
SHA512
8ac4bc6b219e28ff13002410e58cbe69dedfa4a1f6b401a0663e6753ea16206e94ebec91cbdda78a0035c420aa6df3e9dd68a21f4c016bf6ac1bcb2f3e615bd4
-
SSDEEP
3072:Nv4+Adu6bpp+WLznSp5CHxd8ksX8INGA34yXQuEg0:Nu/zxHrbsXLZcuEN
Score
6/10
Malware Config
Signatures
-
Installs/modifies Browser Helper Object 2 TTPs 1 IoCs
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Modifies registry class 6 IoCs
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\regsvr32.exeregsvr32 /s C:\Users\Admin\AppData\Local\Temp\dc4f307982b440e2921e835393cba7f9dfaaa063d73318e74ae16a2e83a06c1c.dll1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\regsvr32.exe/s C:\Users\Admin\AppData\Local\Temp\dc4f307982b440e2921e835393cba7f9dfaaa063d73318e74ae16a2e83a06c1c.dll2⤵
- Installs/modifies Browser Helper Object
- Modifies registry class
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/936-55-0x0000000000000000-mapping.dmp
-
memory/936-56-0x0000000075C81000-0x0000000075C83000-memory.dmpFilesize
8KB
-
memory/1520-54-0x000007FEFC2C1000-0x000007FEFC2C3000-memory.dmpFilesize
8KB