f8557242eec38b83351ed007f5444c084d749352478ce1d01728ec2c5427864b

Analysis

max time kernel
151s
max time network
190s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
02-12-2022 16:56

Target

f8557242eec38b83351ed007f5444c084d749352478ce1d01728ec2c5427864b.dll
Size

631KB
MD5

75c58c2e7f64df8032275ffa98b65eec
SHA1

cc34c84b94ebd7378005803b48b0fb98fc580f45
SHA256

f8557242eec38b83351ed007f5444c084d749352478ce1d01728ec2c5427864b
SHA512

9f55e626eb700c4fe86655084a2575308a8f7be81ad416795df9b1e5ee4e40721f9e3b986995869271ea11a869e43a9fd58cf656c0e81e00e5f052be0a60d908
SSDEEP

12288:WhE5N0Bmanav+i/jINCeZopEDfXKtobnn7BRsL3N2ufjX:D+ywepEDaSbP

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 396 wrote to memory of 4456	396	regsvr32.exe	82
PID 396 wrote to memory of 4456	396	regsvr32.exe	82
PID 396 wrote to memory of 4456	396	regsvr32.exe	82

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\f8557242eec38b83351ed007f5444c084d749352478ce1d01728ec2c5427864b.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:396
- C:\Windows\SysWOW64\regsvr32.exe
  /s C:\Users\Admin\AppData\Local\Temp\f8557242eec38b83351ed007f5444c084d749352478ce1d01728ec2c5427864b.dll
  2⤵
  PID:4456