Analysis
max time kernel: 121s
max time network: 124s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 25-01-2024 16:21
Behavioral task: behavioral1
Sample: 74f4c2170e8c2f896b700fdc39b8376f.dll
Resource: win7-20231215-en, windows7-x64
2 signatures
150 seconds
General
Target: 74f4c2170e8c2f896b700fdc39b8376f.dll
Size: 43KB
MD5: 74f4c2170e8c2f896b700fdc39b8376f
SHA1: 766ba071e05bba99fba184fb8a35db1c1c745b57
SHA256: 509e9420182a36be0bbf43d94aca10f2e4f5e19b891999ee6e873b1fa5354f1d
SHA512: 0b9f3d7c4c0b8924b867dc6d4423466d2edd4f52d83a56274ec66cb3c0bf4b4e12db9f1a1458141b4356897ba5e886c5a3c98a77706c9ff82971e13c6b675890
SSDEEP: 768:aVP8mEUaztn7LgyfT+zvUfP4aX35A+D6fyo5oKcLCDDnW6cN19da:aORPRTkKPf3d6d5ALCDDWHn
Score: 7/10
Malware Config
Signatures
Processes:
resource | yara_rule
behavioral1/memory/1716-0-0x0000000020000000-0x0000000020023000-memory.dmp | upx
Suspicious use of WriteProcessMemory (7 IoCs)
Processes:
regsvr32.exe
description | pid | process | target process
PID 2176 wrote to memory of 1716 | 2176 | regsvr32.exe | regsvr32.exe
PID 2176 wrote to memory of 1716 | 2176 | regsvr32.exe | regsvr32.exe
PID 2176 wrote to memory of 1716 | 2176 | regsvr32.exe | regsvr32.exe
PID 2176 wrote to memory of 1716 | 2176 | regsvr32.exe | regsvr32.exe
PID 2176 wrote to memory of 1716 | 2176 | regsvr32.exe | regsvr32.exe
PID 2176 wrote to memory of 1716 | 2176 | regsvr32.exe | regsvr32.exe
PID 2176 wrote to memory of 1716 | 2176 | regsvr32.exe | regsvr32.exe
Downloads
memory/1716-0-0x0000000020000000-0x0000000020023000-memory.dmp
Filesize: 140KB