1adf1646b9113fd13d0e6745b83a59fae2160ba93ecade45be63dd210cf6c8a6 | Triage

Submit
Reports

Overview

overview

Static

static

3

__x64___se...nv.dll

windows10-2004-x64

1

__x64___se...or.dll

windows10-2004-x64

1

__x64___se...vc.dll

windows10-2004-x64

1

__x64___se...df.dll

windows10-2004-x64

1

__x64___se...nc.dll

windows10-2004-x64

1

__x64___se...tr.dll

windows10-2004-x64

1

__x64___se...el.dll

windows10-2004-x64

1

__x64___se...lg.dll

windows10-2004-x64

1

__x64___se...ab.dll

windows10-2004-x64

1

__x64___se...rf.dll

windows10-2004-x64

1

__x64___se...on.dll

windows10-2004-x64

1

__x64___se...al.dll

windows10-2004-x64

1

__x64___se...SM.dll

windows10-2004-x64

1

__x64___se...ms.dll

windows10-2004-x64

1

__x64___se...20.dll

windows7-x64

1

__x64___se...20.dll

windows10-2004-x64

1

__x64___se...un.dll

windows10-2004-x64

7

__x64___se...up.msi

windows7-x64

6

__x64___se...up.msi

windows10-2004-x64

__x64___se...ph.dll

windows10-2004-x64

1

__x64___se...rs.dll

windows10-2004-x64

1

__x64___se...rv.dll

windows10-2004-x64

1

__x64___se...re.dll

windows10-2004-x64

1

Analysis

max time kernel
147s
max time network
161s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
01-07-2024 04:18

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

__x64___setup___x32__/SettingMonitor/SessEnv.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

__x64___setup___x32__/SettingMonitor/SettingMonitor.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

__x64___setup___x32__/SettingMonitor/pnrpsvc.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

__x64___setup___x32__/SettingMonitor/uudf.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

__x64___setup___x32__/SettingSync/SettingSync.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

__x64___setup___x32__/SettingSync/rasmontr.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

__x64___setup___x32__/SettingSync/schannel.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

__x64___setup___x32__/SettingSync/sppcommdlg.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

__x64___setup___x32__/dab/dab.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

__x64___setup___x32__/dab/diagperf.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

__x64___setup___x32__/dab/fcon.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

__x64___setup___x32__/dab/hal.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

__x64___setup___x32__/mscms/NPSM.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

__x64___setup___x32__/mscms/mscms.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

__x64___setup___x32__/mscms/msvcp120.dll

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

__x64___setup___x32__/mscms/msvcp120.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

__x64___setup___x32__/mscms/scrrun.dll

Resource

win10v2004-20240508-en

persistence privilege_escalation

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral18

Sample

__x64___setup___x32__/setup.msi

Resource

win7-20240508-en

persistence privilege_escalation

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral19

Sample

__x64___setup___x32__/setup.msi

Resource

win10v2004-20240611-en

rhadamanthys execution persistence privilege_escalation stealer

windows10-2004-x64

17 signatures

150 seconds

Behavioral task

behavioral20

Sample

__x64___setup___x32__/vmrdvcore/mssph.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

__x64___setup___x32__/vmrdvcore/perfctrs.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

__x64___setup___x32__/vmrdvcore/tapisrv.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

__x64___setup___x32__/vmrdvcore/vmrdvcore.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

__x64___setup___x32__/vmrdvcore/vmrdvcore.dll
Size

448KB
MD5

c13f52b8a6dad68ea53449f82656b0ff
SHA1

8b71c7aeb4e31152c275fa4c1ca392dc87154406
SHA256

205d81f292a54c6583e4dffc26922690e5771cb9cbcdea8193f3b37a5deb50b0
SHA512

2a22a55a9dcb94424c07a1209e1daa85532be7a4b30f8ae9848772518ca0ff932ac171661057f73e39a22433f09cec5e8a9be9792b8c25c7d550643ac2d582dc
SSDEEP

6144:s/QgOQa/pXgnyqe+YP6CJSJ/MWF++WbhT+0WPSn0Eh3qLBp5HVVTClD83FLOsxtw:sHYSYPR6/z+Z5DOBpF//7/Y5

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\__x64___setup___x32__\vmrdvcore\vmrdvcore.dll,#1
1⤵
PID:4560

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy