f09fc85d0a9ae5742c524ba33654d4b19e82d9df24a7b4d6ab2fa26be67281df

Analysis

max time kernel
118s
max time network
121s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
24/01/2024, 12:43

Target

724531956b53a8ce671ccfb9ae5068c6.dll
Size

45KB
MD5

724531956b53a8ce671ccfb9ae5068c6
SHA1

883ce0a688371d2122c7db99162b63638f26c5ed
SHA256

f09fc85d0a9ae5742c524ba33654d4b19e82d9df24a7b4d6ab2fa26be67281df
SHA512

7891972c84332c448b5b9e7eba810745c953a43abeb499204ed805c7c7c5c2d3d1a9f441814785457f3d760aa7b25d84d024028c792874f33cfedfc61ec34a13
SSDEEP

768:UdezPrfvVNIywt3d91fy7L3JFArOQatBW7Bctrvlq3nS8ZWZl53:Ie7rVjG3oL0rO5uBct7lq3nS8Zo3

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2452 wrote to memory of 2132	2452	regsvr32.exe	1
PID 2452 wrote to memory of 2132	2452	regsvr32.exe	1
PID 2452 wrote to memory of 2132	2452	regsvr32.exe	1
PID 2452 wrote to memory of 2132	2452	regsvr32.exe	1
PID 2452 wrote to memory of 2132	2452	regsvr32.exe	1
PID 2452 wrote to memory of 2132	2452	regsvr32.exe	1
PID 2452 wrote to memory of 2132	2452	regsvr32.exe	1

C:\Windows\SysWOW64\regsvr32.exe
/s C:\Users\Admin\AppData\Local\Temp\724531956b53a8ce671ccfb9ae5068c6.dll
1⤵
PID:2132

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\724531956b53a8ce671ccfb9ae5068c6.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:2452