9610cbcd4561368b6612cad1693982c43c8d81b0d52bb264c5f606f2478c1c58

Analysis

max time kernel
93s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
10/04/2024, 12:50

Target

9610cbcd4561368b6612cad1693982c43c8d81b0d52bb264c5f606f2478c1c58.dll
Size

149KB
MD5

bd43933d60913e2f633bf029ff0120db
SHA1

7992729769760ecab37f2aa32de4e61e77828547
SHA256

9610cbcd4561368b6612cad1693982c43c8d81b0d52bb264c5f606f2478c1c58
SHA512

48857742b7674b74e229f78bd5d56e567fdac816313e655284aba24d78dca615b7985be51905e7d9138f1616687f6d00a301761b880b5618c1a9a50c5bab706a
SSDEEP

3072:RIh53k0O22k12UgTd7NE8ow/rCf4MXc0rIpC1Sy1:RID3TOq8USd7Pj4rEpz8

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2884 wrote to memory of 4724	2884	regsvr32.exe	85
PID 2884 wrote to memory of 4724	2884	regsvr32.exe	85
PID 2884 wrote to memory of 4724	2884	regsvr32.exe	85

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\9610cbcd4561368b6612cad1693982c43c8d81b0d52bb264c5f606f2478c1c58.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:2884
- C:\Windows\SysWOW64\regsvr32.exe
  /s C:\Users\Admin\AppData\Local\Temp\9610cbcd4561368b6612cad1693982c43c8d81b0d52bb264c5f606f2478c1c58.dll
  2⤵
  PID:4724