7dd92005474b60082f4e7cea7ae0564f26b2bc0c37bcc89dd5729cfbf171fb2a | Triage

Analysis

max time kernel
145s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
05/01/2024, 10:42

Sharing

Report Analysis Logs

General

Target

437a668b48a0d0228cf4fb588fe09cd1.dll
Size

84KB
MD5

437a668b48a0d0228cf4fb588fe09cd1
SHA1

3661979d5b1ab372d40c03fa1919e2ed66032e7a
SHA256

7dd92005474b60082f4e7cea7ae0564f26b2bc0c37bcc89dd5729cfbf171fb2a
SHA512

f9e1dc75bdefcc38e0a1cbf03f5369ab7f26cde37c2c78edf453c79a6160aa7fe50eba7a70bec4704de2a2caf58314936242a6ff5f3840b5f11329bf1ead4a8d
SSDEEP

1536:bA4yklp25wMKKICS4A+UoJHYJWLadIQrUs5q:bA2iIsUodYJ5dxz5q

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3968 wrote to memory of 916	3968	regsvr32.exe	88
PID 3968 wrote to memory of 916	3968	regsvr32.exe	88
PID 3968 wrote to memory of 916	3968	regsvr32.exe	88

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\437a668b48a0d0228cf4fb588fe09cd1.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:3968
- C:\Windows\SysWOW64\regsvr32.exe
  /s C:\Users\Admin\AppData\Local\Temp\437a668b48a0d0228cf4fb588fe09cd1.dll
  2⤵
  PID:916

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads