f62084f4aa42383b79e32798005023fe2a49123e11d9c6c90735a1ce25eacb9a

Analysis

max time kernel
121s
max time network
123s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
10/06/2024, 15:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f62084f4aa42383b79e32798005023fe2a49123e11d9c6c90735a1ce25eacb9a.dll
Size

7.1MB
MD5

50158b8535a5b46ce1a9cdb1351feeee
SHA1

357525c92c24f13e634cf93cc05501f0ccde5620
SHA256

f62084f4aa42383b79e32798005023fe2a49123e11d9c6c90735a1ce25eacb9a
SHA512

2532df96a4e59bf78c8401f43cc650c8e774acce82075065a29a603fb73f905cd4b59be128929588c3d60762f2bfb9317ab2be74fc4a95aca6f591c06135dc6a
SSDEEP

49152:hNuPsTToKfiAa0/LET+Cm7dMnuXHMuTRccYZV4bjQPM2t+RmHBcXLo8nc:xgk3Mz54QPM9Lo8c

Score

1^/10

Malware Config

Signatures

Modifies registry class 13 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C101D-0000-0000-C000-000000000046}\ = "IMsiMessage"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{000C1084-0000-0000-C000-000000000046}\ = "MsiDatabase"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{000C1092-0000-0000-C000-000000000046}\1.0\0	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{000C1082-0000-0000-C000-000000000046}	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{000C1082-0000-0000-C000-000000000046}\ = "MsiTransform"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{000C1086-0000-0000-C000-000000000046}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{000C1092-0000-0000-C000-000000000046}\1.0	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C101D-0000-0000-C000-000000000046}\ProxyStubClsid32\ = "{000C103E-0000-0000-C000-000000000046}"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{000C1084-0000-0000-C000-000000000046}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{000C1092-0000-0000-C000-000000000046}	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C101D-0000-0000-C000-000000000046}\NumMethods\ = "3"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{000C1086-0000-0000-C000-000000000046}\ = "MsiPatch"	regsvr32.exe

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\f62084f4aa42383b79e32798005023fe2a49123e11d9c6c90735a1ce25eacb9a.dll
1⤵
- Modifies registry class
PID:2032

Windows 7 deprecation

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads