9dfa44846c0f875b678e81ba7958e58e4e157379b59c2b96bbefe63dc2413001 | Triage

Analysis

max time kernel
145s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
30/12/2023, 01:09

Sharing

Report Analysis Logs

General

Target

099e93f35bccc2eac1b496a7ca5c2d67.dll
Size

27KB
MD5

099e93f35bccc2eac1b496a7ca5c2d67
SHA1

d3fbffdc730591a37d90ae0384edf17ab79f5aab
SHA256

9dfa44846c0f875b678e81ba7958e58e4e157379b59c2b96bbefe63dc2413001
SHA512

a26416259b21274be56222bc8399c5c8f07e6a7fb1d0ddc7e913777289663f395d88fd804865ff9e3e15933175c48f37c01822436baee292a1ba2d70efae2a68
SSDEEP

768:1KSCquFw0GQy+7R4f3dgikU9W9ygdj/2swu:vCquFw0GQBSfdbvA97yfu

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2904 wrote to memory of 764	2904	regsvr32.exe	84
PID 2904 wrote to memory of 764	2904	regsvr32.exe	84
PID 2904 wrote to memory of 764	2904	regsvr32.exe	84

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\099e93f35bccc2eac1b496a7ca5c2d67.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:2904
- C:\Windows\SysWOW64\regsvr32.exe
  /s C:\Users\Admin\AppData\Local\Temp\099e93f35bccc2eac1b496a7ca5c2d67.dll
  2⤵
  PID:764

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads