Overview

overview

10

Static

static

10

00000128.dll

windows7-x64

1

00000128.dll

windows10-2004-x64

1

00005728.dll

windows7-x64

1

00005728.dll

windows10-2004-x64

1

00008576.dll

windows7-x64

3

00008576.dll

windows10-2004-x64

1

00013936.dll

windows7-x64

1

00013936.dll

windows10-2004-x64

1

00019904.dll

windows7-x64

3

00019904.dll

windows10-2004-x64

3

00024528.dll

windows7-x64

1

00024528.dll

windows10-2004-x64

1

00026008.dll

windows7-x64

3

00026008.dll

windows10-2004-x64

3

00026720.dll

windows7-x64

1

00026720.dll

windows10-2004-x64

1

00029056.dll

windows7-x64

1

00029056.dll

windows10-2004-x64

1

00031192.dll

windows7-x64

1

00031192.dll

windows10-2004-x64

3

00031400.dll

windows7-x64

3

00031400.dll

windows10-2004-x64

3

00031592.dll

windows7-x64

1

00031592.dll

windows10-2004-x64

1

00031840.dll

windows7-x64

1

00031840.dll

windows10-2004-x64

1

00042984.dll

windows7-x64

1

00042984.dll

windows10-2004-x64

1

00050760.dll

windows7-x64

1

00050760.dll

windows10-2004-x64

1

00056096.dll

windows7-x64

1

00056096.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    28-12-2023 03:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    00026008.dll

  • Size

    99KB

  • MD5

    c7c0227360e7aa42a9ce647b8b943788

  • SHA1

    977f8d971e2fd219eb8a9a143befb1038ce77027

  • SHA256

    84088928eb895cf4ec0425d9560de89e7c6dc783d9782a27da73d29d4b3423d8

  • SHA512

    cc37eb4cb508884e94d53688c7879f7bab31afcea5cb3aa6eb2f224f5645a6da2110ef5c773e7e9ca00656c813c02cc99d75bdfd02f29406fd27939671a249d1

  • SSDEEP

    768:tr9cynniVc3EjcHe9J7p2XUsECJ+wFMjGabLbHMce2LxLf13AR1nEnR:trjnQnj0kwptFMdXbscbxLf0ER

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\00026008.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1764
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\00026008.dll
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:1956
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1956 -s 296
        3⤵
        • Program crash
        PID:1384

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads