Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    04/02/2024, 16:41

General

  • Target

    8fa5b99de362abd7dd2c91ad486b1a52.dll

  • Size

    300KB

  • MD5

    8fa5b99de362abd7dd2c91ad486b1a52

  • SHA1

    5ddfbbaab5e7a6d568cf5daf37a4bd1c0bcf30e5

  • SHA256

    92b6a668e056129c8390a74c1ea5fa1e3eb0ddfac2334057e8df77acaaae4270

  • SHA512

    949ea0aeac8e401adba4265a61d79a798d8109b2b54524976648558f82a55d051e6c246d379a94760eb0ef79ea3114ad59c9f78c9696d6895ab5c1533d566f04

  • SSDEEP

    3072:1pyrhBuvPVk+2Z9a9qO/6kFaL5EUKGU1AxpxaTlnOv4SVnKNY0t/WHCZ6:+iVk+/99/6uatEw1DqnknXuWHCZ

Score
6/10

Malware Config

Signatures

  • Installs/modifies Browser Helper Object (2 TTPs, 1 IoC)

    BHOs are DLL modules which act as plugins for Internet Explorer.

  • Modifies registry class (50 IoCs)
  • Suspicious use of WriteProcessMemory (7 IoCs)

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\8fa5b99de362abd7dd2c91ad486b1a52.dll
    • Suspicious use of WriteProcessMemory
    PID:1216
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\8fa5b99de362abd7dd2c91ad486b1a52.dll
      • Installs/modifies Browser Helper Object
      • Modifies registry class
      PID:3056

Network
