Analysis

  • max time kernel
    92s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    19-06-2024 21:20

General

  • Target

    Kernel/PPStream/Livenet2.dll

  • Size

    1.2MB

  • MD5

    6212fa58f5b6fca810303f5ab306f3d9

  • SHA1

    b7d4f8fb5c2f925853c438bf5c85ee9caabdd4e3

  • SHA256

    2a6050144d264d679ce5932d9177897efc8effd280909320f2c9caf0a9462cbe

  • SHA512

    f195bfc94f1fb1970e710c95354d6a561278f618eba94d2ea28af37af8ca6990f2e600315b091acf7db146a560ef291b3d05c1a76a1497d4bcf29a0f0157cb7f

  • SSDEEP

    24576:U1rBpsBBc4hhueHCpAx8+XV/2hDoWgf6xVpacRYbIVktfxmnW6FVbi:orBp74hhueHCp28+XV/2hDBgf6H/mptd

Score
1/10

Malware Config

Signatures

  • Modifies registry class (2 IoCs)
  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\Kernel\PPStream\Livenet2.dll
    • Suspicious use of WriteProcessMemory
    PID:4084
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\Kernel\PPStream\Livenet2.dll
      • Modifies registry class
      PID:3964

Network

MITRE ATT&CK Matrix
