e74ab0ad1775c1464300058cd2bd1e75f2e1abe36646dcb927dc018d5fbc1088

Analysis

max time kernel
118s
max time network
118s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
23/04/2024, 14:17

Target

e74ab0ad1775c1464300058cd2bd1e75f2e1abe36646dcb927dc018d5fbc1088.dll
Size

3.3MB
MD5

755a75db1327d3a19fb8b9b1a1e6d730
SHA1

f982923b11bdabe27c9f3cc11cdb00a2a4b3709a
SHA256

e74ab0ad1775c1464300058cd2bd1e75f2e1abe36646dcb927dc018d5fbc1088
SHA512

64be4bcf854dd85a4552d5db59830b07e078addd7ce11fbfa1995c8b25463ef26e110a4d9247727c52609dc44260801802198d68cd164aa88720d5297748e1cd
SSDEEP

49152:DucCrMzcHipTP0aVy+cTiPA+uo8TWh6UU3JxpHIWkU1Zwnlmd+:8P2tVyfbnoV6UCZHIxR

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 1712 wrote to memory of 2272	1712	regsvr32.exe	28
PID 1712 wrote to memory of 2272	1712	regsvr32.exe	28
PID 1712 wrote to memory of 2272	1712	regsvr32.exe	28
PID 1712 wrote to memory of 2272	1712	regsvr32.exe	28
PID 1712 wrote to memory of 2272	1712	regsvr32.exe	28
PID 1712 wrote to memory of 2272	1712	regsvr32.exe	28
PID 1712 wrote to memory of 2272	1712	regsvr32.exe	28

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\e74ab0ad1775c1464300058cd2bd1e75f2e1abe36646dcb927dc018d5fbc1088.dll
1⤵
- Suspicious use of WriteProcessMemory
PID:1712
- C:\Windows\SysWOW64\regsvr32.exe
  /s C:\Users\Admin\AppData\Local\Temp\e74ab0ad1775c1464300058cd2bd1e75f2e1abe36646dcb927dc018d5fbc1088.dll
  2⤵
  PID:2272