c2d24c7308dd655f3251c4bcf2f83bf0ec9927f0ab15b002785106b882a3e9ed

Analysis

max time kernel
176s
max time network
186s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
05-12-2022 12:21

Target

c2d24c7308dd655f3251c4bcf2f83bf0ec9927f0ab15b002785106b882a3e9ed.dll
Size

239KB
MD5

53b3fd562282bc5051677a202af83f47
SHA1

0a8004e9578b96b70e60ae8ac0e1147df3ab5ad2
SHA256

c2d24c7308dd655f3251c4bcf2f83bf0ec9927f0ab15b002785106b882a3e9ed
SHA512

171fa74c1f0d7226178b30e13fddb9bb9a3a059c2e48876a76c24cf7e211ea4a099f280fa634a3fffad60497ad0c1032a72eb6c6816ca8cead026d7effa4d6f6
SSDEEP

6144:2KI8kZJNzcR2hLU2HReZCOd9/HPQ9hMb7:1ixoyUk+9/HIM

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2608 wrote to memory of 4380	2608	regsvr32.exe	79
PID 2608 wrote to memory of 4380	2608	regsvr32.exe	79
PID 2608 wrote to memory of 4380	2608	regsvr32.exe	79

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\c2d24c7308dd655f3251c4bcf2f83bf0ec9927f0ab15b002785106b882a3e9ed.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:2608
- C:\Windows\SysWOW64\regsvr32.exe
  /s C:\Users\Admin\AppData\Local\Temp\c2d24c7308dd655f3251c4bcf2f83bf0ec9927f0ab15b002785106b882a3e9ed.dll
  2⤵
  PID:4380