54eaafcf58f349c5b2b401adf0ff2da977ad51ea344e81ca09dd1cf17febe8a5

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
08/01/2024, 19:50

Target

4c4f7f18779f046665080fa93eba4ccd.dll
Size

44KB
MD5

4c4f7f18779f046665080fa93eba4ccd
SHA1

f5e83d50dba3d62a63e98568862dbc31064f407e
SHA256

54eaafcf58f349c5b2b401adf0ff2da977ad51ea344e81ca09dd1cf17febe8a5
SHA512

a5e979e8430d7f5a0b57dbc1f15bb86fea48bd66edd74ebea1a1d94d641432dc70e0ca784f8bafdf451b3da6563f44344317fdb187544017c2f602df8be89ce8
SSDEEP

768:uvm6YCi5saXjayiV15LWkX0GoPZ/QcnDPv8PBh6Ht7rd3h:uz5i5s0aySdWkX0bHDH8ph6Ht7r7

Score

1^/10

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1068	regsvr32.exe

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2024 wrote to memory of 1068	2024	regsvr32.exe	16
PID 2024 wrote to memory of 1068	2024	regsvr32.exe	16
PID 2024 wrote to memory of 1068	2024	regsvr32.exe	16
PID 2024 wrote to memory of 1068	2024	regsvr32.exe	16
PID 2024 wrote to memory of 1068	2024	regsvr32.exe	16
PID 2024 wrote to memory of 1068	2024	regsvr32.exe	16
PID 2024 wrote to memory of 1068	2024	regsvr32.exe	16

C:\Windows\SysWOW64\regsvr32.exe
/s C:\Users\Admin\AppData\Local\Temp\4c4f7f18779f046665080fa93eba4ccd.dll
1⤵
- Suspicious use of SetWindowsHookEx
PID:1068

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\4c4f7f18779f046665080fa93eba4ccd.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:2024