Analysis
max time kernel: 149s
max time network: 151s
platform: windows10-2004_x64
resource: win10v2004-20240508-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
submitted: 27/05/2024, 11:40
Static task: static1 (1 signatures)
Behavioral task: behavioral1
Sample: PortableDeviceStatus.dll
Resource: win10v2004-20240508-en
1 signatures, 150 seconds
General
Target: PortableDeviceStatus.dll
Size: 59KB
MD5
2540c89bd3cfc03bd5b9b9752452ccba
SHA1
680892b8952fdca705b1c0f0ee4007dff7cc8678
SHA256
f1038f9c9732982bfd277cd8a0d469b8aebe835879665d46c44dc8cc53bd661c
SHA512
92769591bbe5c903ed7bb318b339b881753a1c824b95447da0bf48fb9b6ee731b63af60565beb7ea735b915e68f1b7a9dccac58e32b5197add92c0edbe4a784b
SSDEEP
1536:PP3lRzjXWTjJc8FK72qZQsLt3+LXt5aZZ9iFMA1zJGkPfpnmpnPVGyr:lIa8+2qZQsLt3+Ld5aZZ9i9JGkP8nPV/
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 3 IoCs
description | pid | Process | procid_target
PID 4688 wrote to memory of 4796 | 4688 | regsvr32.exe | 82
PID 4688 wrote to memory of 4796 | 4688 | regsvr32.exe | 82
PID 4688 wrote to memory of 4796 | 4688 | regsvr32.exe | 82