d59cc02a23cf11a2acaec4d0753473258e81d7f920aa6d3d4087b908e58825a7

Analysis

max time kernel
142s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
31-12-2023 03:10

Target

25dd2bcbb17675f26d399b677bc792fb.dll
Size

68KB
MD5

25dd2bcbb17675f26d399b677bc792fb
SHA1

4dce2ae018bf3710c766b1e5cd80236a72af09d1
SHA256

d59cc02a23cf11a2acaec4d0753473258e81d7f920aa6d3d4087b908e58825a7
SHA512

6ceb8f2d13c6e9fa4a3ac3bb5a90be3e08fee249ca285d51ecbb9ccb0b16d0f302e529b8d7b8fa78e6da5a1c72bd216ff36f797edfafb905ef5662061007145e
SSDEEP

768:kvwm3Eiwv8tHL0RIN99eOAL1nmmRtWLZP4/hPWHeXyaJRYzjbO0:kvFJMRID9eD1BtEBnHIJR+K0

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2356 wrote to memory of 892	2356	regsvr32.exe	16
PID 2356 wrote to memory of 892	2356	regsvr32.exe	16
PID 2356 wrote to memory of 892	2356	regsvr32.exe	16

C:\Windows\SysWOW64\regsvr32.exe
/s C:\Users\Admin\AppData\Local\Temp\25dd2bcbb17675f26d399b677bc792fb.dll
1⤵
PID:892

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\25dd2bcbb17675f26d399b677bc792fb.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:2356