Overview

overview

3

Static

static

3

9868b207a0...ec.dll

windows7-x64

1

9868b207a0...ec.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/09/2023, 04:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9868b207a0819f40ffb8ebf35f385cbc4e6b6424d9c94a15c664c2b02ce540ec.dll

  • Size

    2.5MB

  • MD5

    e678016eae94b546f4652355445c637a

  • SHA1

    96ad08ec70600c129b53cfa587d5e8f8f2c13d42

  • SHA256

    9868b207a0819f40ffb8ebf35f385cbc4e6b6424d9c94a15c664c2b02ce540ec

  • SHA512

    7e32e0f4d34a86f7bd83cbaf0e0d2e7b3c47131ac2e201ee73132f680b7846f392418df90d4bf59740daaaaf17bde3a344b4e6701c49cfe9cdf79af31c6d2874

  • SSDEEP

    49152:4KkO4vY3iLVLJe9dEt8smaDLDf3TBLS7qHwW9w4nvn6rw00:nkOKTe9dc8smaPDfSW9w4x

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\9868b207a0819f40ffb8ebf35f385cbc4e6b6424d9c94a15c664c2b02ce540ec.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:232
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\9868b207a0819f40ffb8ebf35f385cbc4e6b6424d9c94a15c664c2b02ce540ec.dll
      2⤵
        PID:4592

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4592-0-0x0000000010000000-0x00000000104EF000-memory.dmp

      Filesize

      4.9MB

      Download

    • memory/4592-1-0x00000000009A0000-0x00000000009A3000-memory.dmp

      Filesize

      12KB

      Download

    • memory/4592-2-0x0000000002250000-0x0000000002A6B000-memory.dmp

      Filesize

      8.1MB

      Download

    • memory/4592-3-0x0000000002A70000-0x000000000336A000-memory.dmp

      Filesize

      9.0MB

      Download

    • memory/4592-4-0x00000000021B0000-0x00000000021B2000-memory.dmp

      Filesize

      8KB

      Download

    • memory/4592-5-0x0000000000A30000-0x0000000000A47000-memory.dmp

      Filesize

      92KB

      Download

    • memory/4592-6-0x00000000009A0000-0x00000000009A3000-memory.dmp

      Filesize

      12KB

      Download

    • memory/4592-7-0x0000000002A70000-0x000000000336A000-memory.dmp

      Filesize

      9.0MB

      Download

    • memory/4592-8-0x0000000000A30000-0x0000000000A47000-memory.dmp

      Filesize

      92KB

      Download