7905df7457eea6b6c6d9f521a587121dd2bf5737d9b62454f7e6473fe7cddf21

Resubmissions

27-04-2024 22:49

240427-2rth2aad39 10

27-04-2024 22:47

240427-2qnamaac87 3

Analysis

max time kernel
62s
max time network
53s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
27-04-2024 22:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

iasnap/iasnap.dll
Size

146KB
MD5

9159148d50715f59a725a977967898b7
SHA1

f5517daf900443dd6bc105359dc65886d6d554cd
SHA256

7c1dfb2b669a3346db1c72aa240aa0c8c11ae874f295957a4ae5225aea5ce338
SHA512

a7af2ee0bffe1a065ea9e5d221a335d92f6e3205bc57a06a9e5ad21bdf99f99d570b4402296cf17600ed723a7859a6b9dd51dcab75dc5e4904c90138e1b01ec1
SSDEEP

3072:h/snML9MjETSXzWRYrVmigq8SdquzxxTPYZczFZM2+ahI:hsMizWRY4igq8CrzxxTPYZjla

Score

1^/10

Malware Config

Signatures

Modifies registry class 48 IoCs

Processes:

regsvr32.exe

description	ioc	process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC098A9-0CE6-11D1-BAAE-00C04FC2E20D}\Version	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{6BC098A0-0CE6-11D1-BAAE-00C04FC2E20D}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{6BC098A0-0CE6-11D1-BAAE-00C04FC2E20D}\1.0	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6BC096AB-0CE6-11D1-BAAE-00C04FC2E20D}\ = "IQualityControl"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC098AD-0CE6-11D1-BAAE-00C04FC2E20D}\Programmable	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC098AD-0CE6-11D1-BAAE-00C04FC2E20D}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC098A7-0CE6-11D1-BAAE-00C04FC2E20D}\Programmable	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6BC096AB-0CE6-11D1-BAAE-00C04FC2E20D}\TypeLib\Version = "1.0"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC098A8-0CE6-11D1-BAAE-00C04FC2E20D}\Programmable	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC096D5-0CE6-11D1-BAAE-00C04FC2E20D}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC096E1-0CE6-11D1-BAAE-00C04FC2E20D}\Programmable	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC096E1-0CE6-11D1-BAAE-00C04FC2E20D}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC098A6-0CE6-11D1-BAAE-00C04FC2E20D}\Programmable	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC098A6-0CE6-11D1-BAAE-00C04FC2E20D}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC098A9-0CE6-11D1-BAAE-00C04FC2E20D}\TypeLib	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6BC096AB-0CE6-11D1-BAAE-00C04FC2E20D}\TypeLib	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6BC096AB-0CE6-11D1-BAAE-00C04FC2E20D}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6BC096AB-0CE6-11D1-BAAE-00C04FC2E20D}\TypeLib\Version = "1.0"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC096D5-0CE6-11D1-BAAE-00C04FC2E20D}\Programmable	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{6BC098A0-0CE6-11D1-BAAE-00C04FC2E20D}\1.0\HELPDIR	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6BC096AB-0CE6-11D1-BAAE-00C04FC2E20D}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC098A5-0CE6-11D1-BAAE-00C04FC2E20D}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC096E0-0CE6-11D1-BAAE-00C04FC2E20D}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC098AC-0CE6-11D1-BAAE-00C04FC2E20D}\Programmable	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC096D5-0CE6-11D1-BAAE-00C04FC2E20D}\TypeLib	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC098A5-0CE6-11D1-BAAE-00C04FC2E20D}\Programmable	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC096E0-0CE6-11D1-BAAE-00C04FC2E20D}\Programmable	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC098A8-0CE6-11D1-BAAE-00C04FC2E20D}\Version	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6BC096AB-0CE6-11D1-BAAE-00C04FC2E20D}\TypeLib\ = "{6BC098A0-0CE6-11D1-BAAE-00C04FC2E20D}"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6BC096AB-0CE6-11D1-BAAE-00C04FC2E20D}\ = "IQualityControl"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6BC096AB-0CE6-11D1-BAAE-00C04FC2E20D}\ProxyStubClsid32	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC098AC-0CE6-11D1-BAAE-00C04FC2E20D}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC098A8-0CE6-11D1-BAAE-00C04FC2E20D}\TypeLib	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{01A3BF5C-CC93-4C12-A4C3-09B0BBE7F63F}\Version	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6BC096AB-0CE6-11D1-BAAE-00C04FC2E20D}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6BC096AB-0CE6-11D1-BAAE-00C04FC2E20D}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6BC096AB-0CE6-11D1-BAAE-00C04FC2E20D}\ProxyStubClsid32	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6BC096AB-0CE6-11D1-BAAE-00C04FC2E20D}\TypeLib	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6BC096AB-0CE6-11D1-BAAE-00C04FC2E20D}\TypeLib\ = "{6BC098A0-0CE6-11D1-BAAE-00C04FC2E20D}"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC098A7-0CE6-11D1-BAAE-00C04FC2E20D}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC098A8-0CE6-11D1-BAAE-00C04FC2E20D}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC096D5-0CE6-11D1-BAAE-00C04FC2E20D}\Version	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{6BC098A9-0CE6-11D1-BAAE-00C04FC2E20D}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{01A3BF5C-CC93-4C12-A4C3-09B0BBE7F63F}\TypeLib	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{01A3BF5C-CC93-4C12-A4C3-09B0BBE7F63F}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{01A3BF5C-CC93-4C12-A4C3-09B0BBE7F63F}\Programmable	regsvr32.exe

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\iasnap\iasnap.dll
1⤵
- Modifies registry class
PID:908

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads