Overview

overview

3

Static

static

3

4fcad8f0fe...63.dll

windows7-x64

1

4fcad8f0fe...63.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26/12/2023, 03:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4fcad8f0fed12c31aefef1141d768763.dll

  • Size

    157KB

  • MD5

    4fcad8f0fed12c31aefef1141d768763

  • SHA1

    476f1264ce28e2927a971b95b40c6f3442119867

  • SHA256

    791b17dfbc7f209f7bc186670786d1e33e388972775a936a605fa1c1e9f48c9c

  • SHA512

    7f937d30ffcfbbf473e8682fd120c654907a887b747dba2a7058cd39956a78e9a6ad80a5594f62a92b7503570c1313eb403582e1f1677f7d73087b1f3f356666

  • SSDEEP

    3072:MBl94wLNOc4AGJOV82EclA5HodonoQkzlYEhxFyVU75cThliJ:MBFZTlATvkzeE8275cTiJ

Score
1/10

Malware Config

Signatures

  • Modifies registry class 10 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\4fcad8f0fed12c31aefef1141d768763.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2660
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\4fcad8f0fed12c31aefef1141d768763.dll
      2⤵
      • Modifies registry class
      PID:760

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads