Overview

overview

3

Static

static

3

16779e7c02...cb.dll

windows7-x64

1

16779e7c02...cb.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 10:52

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    16779e7c0257741ff24cc75be8beedcb.dll

  • Size

    147KB

  • MD5

    16779e7c0257741ff24cc75be8beedcb

  • SHA1

    9cb3b313bf8960bd0a5b9375bbe2368e5f4b51b9

  • SHA256

    844f5af5243154927d83205da9f1bfbf770f38778a2e5e2589e7ba3aff7dedae

  • SHA512

    c538e367a1ab6fedb0aa117ea1324fefde72a8f78d48c5cf0ad0271fe71686837b34858507f357e9a8a28f12546127b183f33b43a04c3f25e7b6956802108288

  • SSDEEP

    1536:oEVG7v3eOlBfuIW2JJhw6W/KIt7iQZx3YiZOwy3wAobeG6hu:HivuOpWKXnsGu8Z/

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\SysWOW64\regsvr32.exe
    /s C:\Users\Admin\AppData\Local\Temp\16779e7c0257741ff24cc75be8beedcb.dll
    1⤵
      PID:3032
    • C:\Windows\system32\regsvr32.exe
      regsvr32 /s C:\Users\Admin\AppData\Local\Temp\16779e7c0257741ff24cc75be8beedcb.dll
      1⤵
      • Suspicious use of WriteProcessMemory
      PID:2924

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/3032-0-0x00000000002E0000-0x0000000000321000-memory.dmp

            Filesize

            260KB

            Download