747d3398ec8d8f26045b3c0bd369b9735b7d756b38a02a7eaf72031d3a23d2c6

Analysis

max time kernel
144s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
06/01/2023, 19:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

wmvdspa.dll
Size

180KB
MD5

d70fa61fe5488dac3d3d531d0c728f9f
SHA1

5fb3a26b3951c811a7ca151e0791d3774e25ef29
SHA256

747d3398ec8d8f26045b3c0bd369b9735b7d756b38a02a7eaf72031d3a23d2c6
SHA512

407729bf39eae4d5a7b37c4fac22d9955b47ef541edb5155f695f580c9f2a3334dfde7eb091b0f87ddfdb71ea1fd649e8cee781ebe294ecf4dc09c59fdbd82d2
SSDEEP

3072:Nl2wb9OEjskpyOquv8Wy9LVmEr3abj14fXnm0dsA9GiJMJEDCEzj+eF8:Nl2wb93jsmyaNy9LPYjkXm0dsAFMJyCV

Score

1^/10

Malware Config

Signatures

Modifies registry class 15 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\DirectShow\MediaObjects\Categories\d990ee14-776c-4723-be46-3da2f56f10b9	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\DirectShow\MediaObjects\Categories\d990ee14-776c-4723-be46-3da2f56f10b9\559c6bad-1ea8-4963-a087-8a6810f9218b	regsvr32.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Classes\DirectShow\MediaObjects\559c6bad-1ea8-4963-a087-8a6810f9218b\OutputTypes = 7669647300001000800000aa00389b717deb36e44f52ce119f530020af0ba770	regsvr32.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Classes\DirectShow\MediaObjects\4dda1941-77a0-4fb1-a518-e2185041d70c\InputTypes = 7669647300001000800000aa00389b717deb36e44f52ce119f530020af0ba770	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\DirectShow\MediaObjects	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\DirectShow\MediaObjects\Categories	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\DirectShow\MediaObjects\Categories\d990ee14-776c-4723-be46-3da2f56f10b9\4dda1941-77a0-4fb1-a518-e2185041d70c	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\DirectShow\MediaObjects\4dda1941-77a0-4fb1-a518-e2185041d70c	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\DirectShow\MediaObjects\4dda1941-77a0-4fb1-a518-e2185041d70c\ = "TOC Generator"	regsvr32.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\DirectShow\MediaObjects\4dda1941-77a0-4fb1-a518-e2185041d70c	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\DirectShow\MediaObjects\559c6bad-1ea8-4963-a087-8a6810f9218b	regsvr32.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Classes\DirectShow\MediaObjects\559c6bad-1ea8-4963-a087-8a6810f9218b\InputTypes = 7669647300001000800000aa00389b717deb36e44f52ce119f530020af0ba770	regsvr32.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Classes\DirectShow\MediaObjects\4dda1941-77a0-4fb1-a518-e2185041d70c\OutputTypes = 7669647300001000800000aa00389b717deb36e44f52ce119f530020af0ba770	regsvr32.exe
Key deleted	\REGISTRY\MACHINE\SOFTWARE\Classes\DirectShow\MediaObjects\559c6bad-1ea8-4963-a087-8a6810f9218b	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\DirectShow\MediaObjects\559c6bad-1ea8-4963-a087-8a6810f9218b\ = "Thumbnail Generator"	regsvr32.exe

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\wmvdspa.dll
1⤵
- Modifies registry class
PID:5040

Windows 7 deprecation

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads