bdd8181bb94180c502026b9889b6c47c5175fe0ccaa42b237ab688e4a966dfa8 | Triage

Analysis

max time kernel
145s
max time network
136s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
31/12/2023, 13:23

Sharing

Report Analysis Logs

General

Target

37e0f0aee204d3c71f722b9839457753.dll
Size

28KB
MD5

37e0f0aee204d3c71f722b9839457753
SHA1

8f99c1643b883801af4284a5ead6786de6e9728d
SHA256

bdd8181bb94180c502026b9889b6c47c5175fe0ccaa42b237ab688e4a966dfa8
SHA512

d17b22939f7b1c0a20619cf1818c0da50b758afb07f0b1f58d2a5f9a95d8ebe10cbd3f2513b9473f24fcbbbc7357288ba355a9082c52145d1e534be6848fee6e
SSDEEP

768:iKSxquONL0GQ7t8IVR2MmUnXtdPFouYr20T:mxquONL0GQ79QpUXda

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1308 wrote to memory of 2360	1308	regsvr32.exe	14
PID 1308 wrote to memory of 2360	1308	regsvr32.exe	14
PID 1308 wrote to memory of 2360	1308	regsvr32.exe	14

C:\Windows\SysWOW64\regsvr32.exe
/s C:\Users\Admin\AppData\Local\Temp\37e0f0aee204d3c71f722b9839457753.dll
1⤵
PID:2360

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\37e0f0aee204d3c71f722b9839457753.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:1308

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads