Analysis
max time kernel: 118s
max time network: 121s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 08/01/2024, 04:15
Static task: static1
1 signatures
Behavioral task: behavioral1
Sample: 4a6998f3538d9ab2faf3f1fa97218042.dll
Resource: win7-20231215-en
1 signatures
150 seconds
Behavioral task: behavioral2
Sample: 4a6998f3538d9ab2faf3f1fa97218042.dll
Resource: win10v2004-20231222-en
1 signatures
150 seconds
General
Target: 4a6998f3538d9ab2faf3f1fa97218042.dll
Size: 123KB
MD5: 4a6998f3538d9ab2faf3f1fa97218042
SHA1: 04fe65d02baab6d5eb7227dbd0cc6cd771e5165f
SHA256: 49762e1c41da48e3bdfff53eb7ae9ced675b0f64aa9f4c57ec8d43af06db9447
SHA512: c797316f7c51436a8076acc739e39b104ed5934736be49ff91a69697b686bcfc38e74ce26d94fe3b1970988f7282d2619aaa585eb563e3a74859bb6bf71cbde6
SSDEEP: 3072:/hG7PsXIIzGFGnrHndJll0dzP0l/muBUZmSp/Dm+rkDb4t9:/hcI5ZTtBUZpN9G
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
description | pid | Process | procid_target
PID 3064 wrote to memory of 2212 | 3064 | regsvr32.exe | 28
PID 3064 wrote to memory of 2212 | 3064 | regsvr32.exe | 28
PID 3064 wrote to memory of 2212 | 3064 | regsvr32.exe | 28
PID 3064 wrote to memory of 2212 | 3064 | regsvr32.exe | 28
PID 3064 wrote to memory of 2212 | 3064 | regsvr32.exe | 28
PID 3064 wrote to memory of 2212 | 3064 | regsvr32.exe | 28
PID 3064 wrote to memory of 2212 | 3064 | regsvr32.exe | 28