72609f0632370e95b16d901d46cb6a9ed40305fd3c15ff65d1e771f347acad10

Analysis

max time kernel
118s
max time network
121s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
12/01/2024, 17:34

Target

72609f0632370e95b16d901d46cb6a9ed40305fd3c15ff65d1e771f347acad10.dll
Size

235KB
MD5

76498bf66f5e943793f11ee06741c25d
SHA1

123233653c6787200578a0b5cc656223b9a5daf8
SHA256

72609f0632370e95b16d901d46cb6a9ed40305fd3c15ff65d1e771f347acad10
SHA512

ea0bda97ea61b6a8769cb387c336ac3c2fcf8b2d07fe42864185632d32411c911ecda8d3c76487e1d0a5b0771e856e433dcc712a19e72f05cce41b4773318102
SSDEEP

6144:OjGJlzY51le4p0TtaKbG0HUBV+UdvrEFp7hKuFBF:OyJY51le4WTAKb5UBjvrEH7FFL

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2772 wrote to memory of 2672	2772	regsvr32.exe	28
PID 2772 wrote to memory of 2672	2772	regsvr32.exe	28
PID 2772 wrote to memory of 2672	2772	regsvr32.exe	28
PID 2772 wrote to memory of 2672	2772	regsvr32.exe	28
PID 2772 wrote to memory of 2672	2772	regsvr32.exe	28
PID 2772 wrote to memory of 2672	2772	regsvr32.exe	28
PID 2772 wrote to memory of 2672	2772	regsvr32.exe	28

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\72609f0632370e95b16d901d46cb6a9ed40305fd3c15ff65d1e771f347acad10.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:2772
- C:\Windows\SysWOW64\regsvr32.exe
  /s C:\Users\Admin\AppData\Local\Temp\72609f0632370e95b16d901d46cb6a9ed40305fd3c15ff65d1e771f347acad10.dll
  2⤵
  PID:2672