9629fb0722b70a373968611ea8551139ef724427ef43608383f3a8ff1790b361

Analysis

max time kernel
122s
max time network
125s
platform
windows7_x64
resource
win7-20230824-en
resource tags

arch:x64arch:x86image:win7-20230824-enlocale:en-usos:windows7-x64system
submitted
30/08/2023, 03:16

Target

9629fb0722b70a373968611ea8551139ef724427ef43608383f3a8ff1790b361.dll
Size

315KB
MD5

95f14e97f79379045eea0768c3863cae
SHA1

fcd2d10f3d3e37af1ca8814be94777e1f85aabf2
SHA256

9629fb0722b70a373968611ea8551139ef724427ef43608383f3a8ff1790b361
SHA512

bf2ace7d5491ff5a693d06b9b8cb28ef8f2832947c17aa56e8fac01c740125183c5c4320728ad032ef659ca0af41adfc7cda0c00e5a4abddd5fdfd86506c643e
SSDEEP

6144:2ToWRoPudFNVtnF2B/3X27cn56r2R+u583ZQqKHM:ZPIBF2B/3XkS56qREZQqKHM

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2276 wrote to memory of 572	2276	regsvr32.exe	30
PID 2276 wrote to memory of 572	2276	regsvr32.exe	30
PID 2276 wrote to memory of 572	2276	regsvr32.exe	30
PID 2276 wrote to memory of 572	2276	regsvr32.exe	30
PID 2276 wrote to memory of 572	2276	regsvr32.exe	30
PID 2276 wrote to memory of 572	2276	regsvr32.exe	30
PID 2276 wrote to memory of 572	2276	regsvr32.exe	30

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\9629fb0722b70a373968611ea8551139ef724427ef43608383f3a8ff1790b361.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:2276
- C:\Windows\SysWOW64\regsvr32.exe
  /s C:\Users\Admin\AppData\Local\Temp\9629fb0722b70a373968611ea8551139ef724427ef43608383f3a8ff1790b361.dll
  2⤵
  PID:572