67850c7773126776d6282acb298b3afd66e1a709d38f7af972263674ae6ddf12

Analysis

max time kernel
121s
max time network
123s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
10/08/2024, 11:42

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

67850c7773126776d6282acb298b3afd66e1a709d38f7af972263674ae6ddf12.dll
Size

2.0MB
MD5

e30bb825bd5647bcf5b05f143ae03478
SHA1

d50772085bcddcae77fa11e764deca89267bbb62
SHA256

67850c7773126776d6282acb298b3afd66e1a709d38f7af972263674ae6ddf12
SHA512

1f5ebe2c929d8868217f72ebc754924323b67ba8c9839fb9fc577d38a3d4b6ce6a510136ff9162718759771691425f56357b71d1c7b1aae8c54f7b6f69bfb8f6
SSDEEP

49152:l+VHTHdl/Wqre5HeVOtZo4EcxzbZzrbAoScsk7LcD0Na:MJT9l/tbVycD0A

Score

1^/10

Malware Config

Signatures

Modifies registry class 13 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{000C1082-0000-0000-C000-000000000046}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{000C1086-0000-0000-C000-000000000046}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{000C1092-0000-0000-C000-000000000046}\1.0\0	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C101D-0000-0000-C000-000000000046}\ = "IMsiMessage"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{000C1082-0000-0000-C000-000000000046}\ = "MsiTransform"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{000C1086-0000-0000-C000-000000000046}\ = "MsiPatch"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{000C1092-0000-0000-C000-000000000046}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{000C1092-0000-0000-C000-000000000046}\1.0	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C101D-0000-0000-C000-000000000046}\NumMethods\ = "3"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{000C101D-0000-0000-C000-000000000046}\ProxyStubClsid32\ = "{000C103E-0000-0000-C000-000000000046}"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{000C1084-0000-0000-C000-000000000046}	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{000C1084-0000-0000-C000-000000000046}\ = "MsiDatabase"	regsvr32.exe

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\67850c7773126776d6282acb298b3afd66e1a709d38f7af972263674ae6ddf12.dll
1⤵
- Modifies registry class
PID:2384

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads