Analysis
-
max time kernel
93s -
max time network
94s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
27-11-2024 23:59
General
-
Target
233dd90d3640904ad0dd9f37e744bb72f7828be443b6d1c32bcb63ae0b2f3d2c.dll
-
Size
135KB
-
MD5
680fb4bb59383c48303d0353cdc18bf8
-
SHA1
34114a1dbe0680f886d650f4bbb6708ce06c0bc2
-
SHA256
233dd90d3640904ad0dd9f37e744bb72f7828be443b6d1c32bcb63ae0b2f3d2c
-
SHA512
997287f465b44301bae19dd58e66d46083d1ca99c5653592bb3ab6666382453c1a509e27575f671a89b5c60a675182fb89fbca1db1f98d4c35bd3aef2519bc82
-
SSDEEP
3072:81AaJomSE8ibVRWKpyaZH35mLTi8Mir3m3aWQXZ6Yfd/TTai8/c:8qmSE8iJEKpyo5ATEir3KaVXZ6+Vv8/c
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\regsvr32.exeregsvr32 /s C:\Users\Admin\AppData\Local\Temp\233dd90d3640904ad0dd9f37e744bb72f7828be443b6d1c32bcb63ae0b2f3d2c.dll1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\regsvr32.exe/s C:\Users\Admin\AppData\Local\Temp\233dd90d3640904ad0dd9f37e744bb72f7828be443b6d1c32bcb63ae0b2f3d2c.dll2⤵
- System Location Discovery: System Language Discovery
-