7918624cf0155add97292cbece251dab89de45511f01879e34b9bf409bdb59ef

Analysis

max time kernel
120s
max time network
141s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
11/01/2024, 02:01

Target

523c2f8bdc394de91a12d2aea2df37b9.dll
Size

30KB
MD5

523c2f8bdc394de91a12d2aea2df37b9
SHA1

b11487a5bb4b6f758bca9b8b7edb164d8a19f759
SHA256

7918624cf0155add97292cbece251dab89de45511f01879e34b9bf409bdb59ef
SHA512

2f4e61d1463ee4a1bdf9327381d0ab7275002bf1899fa4a67cd6d373108020b9b43eb3c224afd0dd41b7167aa617132fdaa350f3bb11851f2c32647ef2e9fda7
SSDEEP

384:759+PbhI7kZp9Wc9/jWhHlnxoklhoAyB0j+GiBHibqZ0Aljj8sIHcwRW0p:H+ThI7GXCzxTl6AyijTiBEqZ0i0sw/R

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2228 wrote to memory of 1704	2228	regsvr32.exe	28
PID 2228 wrote to memory of 1704	2228	regsvr32.exe	28
PID 2228 wrote to memory of 1704	2228	regsvr32.exe	28
PID 2228 wrote to memory of 1704	2228	regsvr32.exe	28
PID 2228 wrote to memory of 1704	2228	regsvr32.exe	28
PID 2228 wrote to memory of 1704	2228	regsvr32.exe	28
PID 2228 wrote to memory of 1704	2228	regsvr32.exe	28

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\523c2f8bdc394de91a12d2aea2df37b9.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:2228
- C:\Windows\SysWOW64\regsvr32.exe
  /s C:\Users\Admin\AppData\Local\Temp\523c2f8bdc394de91a12d2aea2df37b9.dll
  2⤵
  PID:1704

memory/1704-0-0x0000000000180000-0x000000000018D000-memory.dmp

Filesize
52KB

Download