Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240709-en locale:en-us os:windows10-2004-x64 system
  • submitted
    14-07-2024 10:42

General

  • Target

    Havij 1.15 - Patched/RICHTX32.dll

  • Size

    254KB

  • MD5

    21034a336e16f30345a96de9bd8cec25

  • SHA1

    c9fb876a001874c4ee8670fabf12c36036f54a1f

  • SHA256

    251a419bb5998882227a11188311b82f20c4952865ff916397973bd9a50c69d5

  • SHA512

    ed1f33cd13f6cda5aa4696271927ff2497a2bd33fee606655ed50bb5f13cedb81a3597844c1a8030e6ffa3c46ed34c217a55dab062ba00a76f2f079b7da2e86f

  • SSDEEP

    3072:Q2yywZ8NOAf90tLOsFZdASaIaOXUX1RmY1viVg6y/jg9FdYJEhN9dTmmkSER/Um4:c78vfEBFZdASUT1RmMQxFdYJErlj6f

Score
1/10

Malware Config

Signatures

  • Modifies registry class (64 IoCs)
  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s "C:\Users\Admin\AppData\Local\Temp\Havij 1.15 - Patched\RICHTX32.dll"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4716
    • C:\Windows\SysWOW64\regsvr32.exe
      /s "C:\Users\Admin\AppData\Local\Temp\Havij 1.15 - Patched\RICHTX32.dll"
      2⤵
      • Modifies registry class
      PID:2480

Network

MITRE ATT&CK Matrix
