c7a1a8a4f366aee2c2052ac05f1f0c299b79f9615b237a716363b148ed69fdeb

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
01/01/2024, 09:50

Target

3c8968d6329d1d928eadaa6fcdccb0ee.dll
Size

47KB
MD5

3c8968d6329d1d928eadaa6fcdccb0ee
SHA1

8d7c3dd2cb69550ec159ece3098190767975f3bf
SHA256

c7a1a8a4f366aee2c2052ac05f1f0c299b79f9615b237a716363b148ed69fdeb
SHA512

195f7b845e335b9b46277b303eb289e2cb2de784f7227e5263df327b533890c743504158913c370245692226bf797277646e504de2d10d14d2dfa02d88be5895
SSDEEP

768:U5ZyEimHLRbumw3Z+QpvDk31EgzlNOg/PwC15p6vquP/wBgCfAwASYC2/Glvq417:GyirFPwtDkaTC15pgqpBD4i26pv6K+F6

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2252 wrote to memory of 2112	2252	regsvr32.exe	16
PID 2252 wrote to memory of 2112	2252	regsvr32.exe	16
PID 2252 wrote to memory of 2112	2252	regsvr32.exe	16
PID 2252 wrote to memory of 2112	2252	regsvr32.exe	16
PID 2252 wrote to memory of 2112	2252	regsvr32.exe	16
PID 2252 wrote to memory of 2112	2252	regsvr32.exe	16
PID 2252 wrote to memory of 2112	2252	regsvr32.exe	16

C:\Windows\SysWOW64\regsvr32.exe
/s C:\Users\Admin\AppData\Local\Temp\3c8968d6329d1d928eadaa6fcdccb0ee.dll
1⤵
PID:2112

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\3c8968d6329d1d928eadaa6fcdccb0ee.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:2252