Analysis
max time kernel: 135s
max time network: 126s
platform: windows10-2004_x64
resource: win10v2004-20240508-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
submitted: 23-05-2024 00:27
Static task
static1: 1 signatures

Behavioral task
behavioral1
Sample: 924bf9d65404884fa9860594e607d23d68cde275729c8e593f30b49f6534880f.dll
Resource: win7-20240419-en (windows7-x64)
2 signatures, 150 seconds

Behavioral task
behavioral2
Sample: 924bf9d65404884fa9860594e607d23d68cde275729c8e593f30b49f6534880f.dll
Resource: win10v2004-20240508-en (windows10-2004-x64)
2 signatures, 150 seconds
General
Target: 924bf9d65404884fa9860594e607d23d68cde275729c8e593f30b49f6534880f.dll
Size: 5.6MB
MD5: 34b9d2fd3443d1be38877cfd6bbc3bcb
SHA1: 5c574d51cf6b5956fc7800f44358b42891eae6c0
SHA256: 924bf9d65404884fa9860594e607d23d68cde275729c8e593f30b49f6534880f
SHA512: 01adb67584155ca1c55180bbb5113d0e56f529954af09e3ef265b840d0eee95e486d7f8abaec0029da8a88decccdfcccc6b9fb56433f942e61af33b1c7e30c19
SSDEEP: 98304:Ns5sa/11iy79/pB0ilQiqnwWvtovwfVM1DR9:Ferv7qilYnDJuR9
Score: 1/10
Malware Config
Signatures

Suspicious use of SetWindowsHookEx (1 IoCs)
  pid   Process
  2308  regsvr32.exe

Suspicious use of WriteProcessMemory (3 IoCs)
  description                        pid   Process       procid_target
  PID 3912 wrote to memory of 2308   3912  regsvr32.exe  90
  PID 3912 wrote to memory of 2308   3912  regsvr32.exe  90
  PID 3912 wrote to memory of 2308   3912  regsvr32.exe  90
Processes

C:\Windows\system32\regsvr32.exe (PID 3912)
  Command line: regsvr32 /s C:\Users\Admin\AppData\Local\Temp\924bf9d65404884fa9860594e607d23d68cde275729c8e593f30b49f6534880f.dll
  Signatures: Suspicious use of WriteProcessMemory
  Child process:
    C:\Windows\SysWOW64\regsvr32.exe (PID 2308)
      Command line: /s C:\Users\Admin\AppData\Local\Temp\924bf9d65404884fa9860594e607d23d68cde275729c8e593f30b49f6534880f.dll
      Signatures: Suspicious use of SetWindowsHookEx

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (PID 3948)
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=3148,i,1697479186275492802,18058102846092193784,262144 --variations-seed-version --mojo-platform-channel-handle=3744 /prefetch:8