Analysis
max time kernel: 150s
max time network: 149s
platform: windows10-2004_x64
resource: win10v2004-20231215-en
resource tags: arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
submitted: 02-02-2024 07:59
Behavioral task
behavioral1
Sample
88fba76c3a7eb0f785903de05fb0bd06.dll
Resource
win7-20231215-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
88fba76c3a7eb0f785903de05fb0bd06.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
1 signatures
150 seconds
General
Target
88fba76c3a7eb0f785903de05fb0bd06.dll
Size
4.9MB
MD5
88fba76c3a7eb0f785903de05fb0bd06
SHA1
35f452a43a838cbad695d596b2cad144cc115074
SHA256
8c981acb2673fa80fa39aa2ba9b1916cb9866b5e8f9ec1cc98bc7fed36b49c61
SHA512
f0bfb7e85de0834c3a3a8448ba4d218d28608b3634bed24590a30e91acb51632b01b09f3734547bca383c8d69a8e4c754337fa7d44a274c458fca04d21c29876
SSDEEP
98304:LXIbjOdRTNhVNwb64wmsBtA8x2nKXp8SXUMjR7VOMRf2TYwTkZ0032:jI4T9N/esBO62KSSXU0FVOM8Uwz
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
regsvr32.exe
description | pid | process | target process
PID 4968 wrote to memory of 2520 | 4968 | regsvr32.exe | regsvr32.exe
PID 4968 wrote to memory of 2520 | 4968 | regsvr32.exe | regsvr32.exe
PID 4968 wrote to memory of 2520 | 4968 | regsvr32.exe | regsvr32.exe