9a944521217921979f89c5f7ed3aabd5ad03e020bd36679ef2e59ccc895673c1

Analysis

max time kernel
143s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
20/08/2023, 12:36

Target

9a944521217921979f89c5f7ed3aabd5ad03e020bd36679ef2e59ccc895673c1.dll
Size

477KB
MD5

7672ae8a15375415a182471bcd6603cf
SHA1

38cb564c422816ec0966a108de2bc171c2080096
SHA256

9a944521217921979f89c5f7ed3aabd5ad03e020bd36679ef2e59ccc895673c1
SHA512

7da51d1592b0b4de6c802f43c50cbc72e0fcbb04972021b64dafcfc45f49a8c40ce3e25c9ac130375b6639f7bbe7966903753ee3177a5550c5b35b05356cb399
SSDEEP

12288:IQ/Ye3URQGtyJLfDo8Csssm8xC0a33TqqZVr9enNmjdvbFhRRRiiiiD555Bp6wk3:hQeSk0cYHBKSTY

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4536 wrote to memory of 3004	4536	regsvr32.exe	81
PID 4536 wrote to memory of 3004	4536	regsvr32.exe	81
PID 4536 wrote to memory of 3004	4536	regsvr32.exe	81

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\9a944521217921979f89c5f7ed3aabd5ad03e020bd36679ef2e59ccc895673c1.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:4536
- C:\Windows\SysWOW64\regsvr32.exe
  /s C:\Users\Admin\AppData\Local\Temp\9a944521217921979f89c5f7ed3aabd5ad03e020bd36679ef2e59ccc895673c1.dll
  2⤵
  PID:3004