6dd4c8c5c75055d2ba37c1a8992041dcb1b86b6624be63e97a989c7da558a9d7

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
04/01/2024, 18:22

Target

6dd4c8c5c75055d2ba37c1a8992041dcb1b86b6624be63e97a989c7da558a9d7.dll
Size

1.8MB
MD5

7d180f67595424e11007f72298dd7ec3
SHA1

a2c14ef998b17f17fa8289c8ea44540b7e1d427f
SHA256

6dd4c8c5c75055d2ba37c1a8992041dcb1b86b6624be63e97a989c7da558a9d7
SHA512

35a47b93a10a42d77b819d1cb733a02f497b236007046c6c5250523f77f4bec9c86594ffc75c2b5a5b8b6f0cccba06e091d6f0a112c3643acaba6ba200f7dd9b
SSDEEP

24576:/ub9WFEMQxSzyEl4aS6S0jxtCBVKNC5RBc6g8BUBckubJWlznFJDFbHA3QShJ:/REMGWfl4oRWVBBBUBck8WlznFJmT

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 1664 wrote to memory of 2768	1664	regsvr32.exe	28
PID 1664 wrote to memory of 2768	1664	regsvr32.exe	28
PID 1664 wrote to memory of 2768	1664	regsvr32.exe	28
PID 1664 wrote to memory of 2768	1664	regsvr32.exe	28
PID 1664 wrote to memory of 2768	1664	regsvr32.exe	28
PID 1664 wrote to memory of 2768	1664	regsvr32.exe	28
PID 1664 wrote to memory of 2768	1664	regsvr32.exe	28

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\6dd4c8c5c75055d2ba37c1a8992041dcb1b86b6624be63e97a989c7da558a9d7.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:1664
- C:\Windows\SysWOW64\regsvr32.exe
  /s C:\Users\Admin\AppData\Local\Temp\6dd4c8c5c75055d2ba37c1a8992041dcb1b86b6624be63e97a989c7da558a9d7.dll
  2⤵
  PID:2768