Overview

overview

3

Static

static

3

382370cbf8...5d.dll

windows7-x64

1

382370cbf8...5d.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31/12/2023, 13:32

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    382370cbf83d2dfeae6bf6d09930a05d.dll

  • Size

    364KB

  • MD5

    382370cbf83d2dfeae6bf6d09930a05d

  • SHA1

    1d111fd2af189643fbfd7b591ab2dedc7dfb2ff5

  • SHA256

    a2e3d55cab2a75366a2e316f680cf8378928c3f9a7d853f18918abff87683a21

  • SHA512

    f54bc3f14468f68403987d1e5477ffbe2994d6f2532a988501f7fd96267ab23c81824a6d1bffa5413d54c5c5ea04971b315adea22969b2a157d9198b463a2d7f

  • SSDEEP

    6144:W+YSTzRhPc9rx+WIGgYVZ58H+rL+sWut1HqitIi0qmh3vgP9o2f4CF2:WNSf7YLaCaH+rLHvLnmBw9o2ACF

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\382370cbf83d2dfeae6bf6d09930a05d.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3252
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\382370cbf83d2dfeae6bf6d09930a05d.dll
      2⤵
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:3112

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/3112-0-0x0000000002D10000-0x0000000002E14000-memory.dmp

          Filesize

          1.0MB

          Download

        • memory/3112-1-0x0000000002D10000-0x0000000002E14000-memory.dmp

          Filesize

          1.0MB

          Download

        • memory/3112-4-0x0000000002D10000-0x0000000002E14000-memory.dmp

          Filesize

          1.0MB

          Download

        • memory/3112-3-0x0000000002D10000-0x0000000002E14000-memory.dmp

          Filesize

          1.0MB

          Download

        • memory/3112-2-0x0000000002D10000-0x0000000002E14000-memory.dmp

          Filesize

          1.0MB

          Download