94f9457e3060fece1d0a336380c232f0f60f88abdf34b83c0b67eb63205b495a

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
30/12/2023, 06:24

Target

10fe7924cadfc3c6dc2ea165be7e3ea2.dll
Size

14KB
MD5

10fe7924cadfc3c6dc2ea165be7e3ea2
SHA1

eeae99690d21353bf57c80743dacd8aa5e0abe07
SHA256

94f9457e3060fece1d0a336380c232f0f60f88abdf34b83c0b67eb63205b495a
SHA512

3d4e3d7dd842ab9f450152f03dc3c3671abe2cad047d72cb469f4ade9c51ea2a2d00679458ebaa5649fa417aa68296357b941bd4059f29d3ef6db3d2888d1f37
SSDEEP

192:nrXM26Fzt/Qz9ASPbPoi1ELH+uZLp7oCpEj4R/TEuZjzeyDh5pXqccOW8sbWIAK:j7udQAGPoi1liblxtDhvXEOW8sbW2

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2420 wrote to memory of 2860	2420	regsvr32.exe	14
PID 2420 wrote to memory of 2860	2420	regsvr32.exe	14
PID 2420 wrote to memory of 2860	2420	regsvr32.exe	14
PID 2420 wrote to memory of 2860	2420	regsvr32.exe	14
PID 2420 wrote to memory of 2860	2420	regsvr32.exe	14
PID 2420 wrote to memory of 2860	2420	regsvr32.exe	14
PID 2420 wrote to memory of 2860	2420	regsvr32.exe	14

C:\Windows\SysWOW64\regsvr32.exe
/s C:\Users\Admin\AppData\Local\Temp\10fe7924cadfc3c6dc2ea165be7e3ea2.dll
1⤵
PID:2860

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\10fe7924cadfc3c6dc2ea165be7e3ea2.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:2420