2264a4fefc0ccf6acd6ba30a6c5ff42c1b3cfc3b12bfd7a1f3599c7bd5512553

Analysis

max time kernel
121s
max time network
132s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
16/08/2023, 02:45

Target

2264a4fefc0ccf6acd6ba30a6c5ff42c1b3cfc3b12bfd7a1f3599c7bd5512553.dll
Size

1.1MB
MD5

f60855bd8cccf8e59a82a50637f35436
SHA1

4aa381d8983c7ee25be1208a2a4b66440a79677a
SHA256

2264a4fefc0ccf6acd6ba30a6c5ff42c1b3cfc3b12bfd7a1f3599c7bd5512553
SHA512

73d65c72078e71bde3dd9091a4dc17674dc0a6a15d9a9a1414ad22f6908761ae6d0e19fb4f8e5b5a2f91121dcb880ac2a755b5bb6464b97e4ee27334a0402d50
SSDEEP

6144:QnZkVunzH5JYd97kG1TvT3N/YhgVLusNQ6TAULBKkolP7qEZSM:QZkcnzH5Je9DTb3SgVLL0koFR1

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2240 wrote to memory of 2028	2240	regsvr32.exe	28
PID 2240 wrote to memory of 2028	2240	regsvr32.exe	28
PID 2240 wrote to memory of 2028	2240	regsvr32.exe	28
PID 2240 wrote to memory of 2028	2240	regsvr32.exe	28
PID 2240 wrote to memory of 2028	2240	regsvr32.exe	28
PID 2240 wrote to memory of 2028	2240	regsvr32.exe	28
PID 2240 wrote to memory of 2028	2240	regsvr32.exe	28

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\2264a4fefc0ccf6acd6ba30a6c5ff42c1b3cfc3b12bfd7a1f3599c7bd5512553.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:2240
- C:\Windows\SysWOW64\regsvr32.exe
  /s C:\Users\Admin\AppData\Local\Temp\2264a4fefc0ccf6acd6ba30a6c5ff42c1b3cfc3b12bfd7a1f3599c7bd5512553.dll
  2⤵
  PID:2028