1adf1646b9113fd13d0e6745b83a59fae2160ba93ecade45be63dd210cf6c8a6 | Triage

Submit
Reports

Overview

overview

Static

static

3

__x64___se...nv.dll

windows10-2004-x64

1

__x64___se...or.dll

windows10-2004-x64

1

__x64___se...vc.dll

windows10-2004-x64

1

__x64___se...df.dll

windows10-2004-x64

1

__x64___se...nc.dll

windows10-2004-x64

1

__x64___se...tr.dll

windows10-2004-x64

1

__x64___se...el.dll

windows10-2004-x64

1

__x64___se...lg.dll

windows10-2004-x64

1

__x64___se...ab.dll

windows10-2004-x64

1

__x64___se...rf.dll

windows10-2004-x64

1

__x64___se...on.dll

windows10-2004-x64

1

__x64___se...al.dll

windows10-2004-x64

1

__x64___se...SM.dll

windows10-2004-x64

1

__x64___se...ms.dll

windows10-2004-x64

1

__x64___se...20.dll

windows7-x64

1

__x64___se...20.dll

windows10-2004-x64

1

__x64___se...un.dll

windows10-2004-x64

7

__x64___se...up.msi

windows7-x64

6

__x64___se...up.msi

windows10-2004-x64

__x64___se...ph.dll

windows10-2004-x64

1

__x64___se...rs.dll

windows10-2004-x64

1

__x64___se...rv.dll

windows10-2004-x64

1

__x64___se...re.dll

windows10-2004-x64

1

Analysis

max time kernel
132s
max time network
114s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
01-07-2024 04:18

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

__x64___setup___x32__/SettingMonitor/SessEnv.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

__x64___setup___x32__/SettingMonitor/SettingMonitor.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

__x64___setup___x32__/SettingMonitor/pnrpsvc.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

__x64___setup___x32__/SettingMonitor/uudf.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

__x64___setup___x32__/SettingSync/SettingSync.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

__x64___setup___x32__/SettingSync/rasmontr.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

__x64___setup___x32__/SettingSync/schannel.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

__x64___setup___x32__/SettingSync/sppcommdlg.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

__x64___setup___x32__/dab/dab.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

__x64___setup___x32__/dab/diagperf.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

__x64___setup___x32__/dab/fcon.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

__x64___setup___x32__/dab/hal.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

__x64___setup___x32__/mscms/NPSM.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

__x64___setup___x32__/mscms/mscms.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

__x64___setup___x32__/mscms/msvcp120.dll

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

__x64___setup___x32__/mscms/msvcp120.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

__x64___setup___x32__/mscms/scrrun.dll

Resource

win10v2004-20240508-en

persistence privilege_escalation

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral18

Sample

__x64___setup___x32__/setup.msi

Resource

win7-20240508-en

persistence privilege_escalation

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral19

Sample

__x64___setup___x32__/setup.msi

Resource

win10v2004-20240611-en

rhadamanthys execution persistence privilege_escalation stealer

windows10-2004-x64

17 signatures

150 seconds

Behavioral task

behavioral20

Sample

__x64___setup___x32__/vmrdvcore/mssph.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

__x64___setup___x32__/vmrdvcore/perfctrs.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

__x64___setup___x32__/vmrdvcore/tapisrv.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

__x64___setup___x32__/vmrdvcore/vmrdvcore.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

__x64___setup___x32__/SettingSync/sppcommdlg.dll
Size

312KB
MD5

25059cb01909efc95c978a189c24c20b
SHA1

cbdbfd8cd3c56efd35dc191ec26d4b629c3aaf6c
SHA256

f4561bd188608d78a65df4c509da5f03169af43b9fa3fcef2274ff766edbeb5e
SHA512

93556729cbf23656fc62718b99b3dcf6aa6fac5e4e8dda8ca088ac173a4729b50b45aefb43054f5b1e404cff635abe736b1d2376a8a000e34db4346c42e896be
SSDEEP

6144:JH6nOj2guNJqY/W5R02qO7VKCP1qKkOFaCGVn:J4Oj2RJq3nP1qKUCGVn

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\__x64___setup___x32__\SettingSync\sppcommdlg.dll,#1
1⤵
PID:4624

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy