Analysis
- max time kernel: 102s
- max time network: 47s
- platform: windows7_x64
- resource: win7-20220414-en
- submitted: 20-04-2022 22:06
Behavioral task
behavioral1
Sample
Adobe-Photoshop-CC-2022-1.4-main/Adobe Photoshop.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Adobe-Photoshop-CC-2022-1.4-main/Adobe Photoshop.exe
Resource
win10v2004-20220414-en
Behavioral task
behavioral3
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/Resources/products/packages/Program Files (x86)/Microsoft.exe
Resource
win7-20220414-en
Behavioral task
behavioral4
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/Resources/products/packages/Program Files (x86)/Microsoft.exe
Resource
win10v2004-20220414-en
Behavioral task
behavioral5
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/AppInfo/Launcher/Microsoft Analysis Services/AS OLEDB/110/SQLDumper.exe
Resource
win7-20220414-en
Behavioral task
behavioral6
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/AppInfo/Launcher/Microsoft Analysis Services/AS OLEDB/110/SQLDumper.exe
Resource
win10v2004-20220414-en
Behavioral task
behavioral7
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/AppInfo/Microsoft Analysis Services/AS OLEDB/110/SQLDumper.exe
Resource
win7-20220414-en
Behavioral task
behavioral8
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/AppInfo/Microsoft Analysis Services/AS OLEDB/110/SQLDumper.exe
Resource
win10v2004-20220414-en
Behavioral task
behavioral9
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/AppInfo/Microsoft Analysis Services/AS OLEDB/110/msolui110.dll
Resource
win7-20220414-en
Behavioral task
behavioral10
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/AppInfo/Microsoft Analysis Services/AS OLEDB/110/msolui110.dll
Resource
win10v2004-20220414-en
Behavioral task
behavioral11
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/AppInfo/Microsoft Analysis Services/AS OLEDB/110/xmsrv ? ?????.dll
Resource
win7-20220414-en
Behavioral task
behavioral12
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/AppInfo/Microsoft Analysis Services/AS OLEDB/110/xmsrv ? ?????.dll
Resource
win10v2004-20220414-en
Behavioral task
behavioral13
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/AppInfo/Microsoft Analysis Services/AS OLEDB/110/xmsrv.dll
Resource
win7-20220414-en
Behavioral task
behavioral14
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/AppInfo/Microsoft Analysis Services/AS OLEDB/110/xmsrv.dll
Resource
win10v2004-20220414-en
Behavioral task
behavioral15
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/CompatProvider.dll
Resource
win7-20220414-en
Behavioral task
behavioral16
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/CompatProvider.dll
Resource
win10v2004-20220414-en
Behavioral task
behavioral17
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/DismCore.dll
Resource
win7-20220414-en
Behavioral task
behavioral18
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/DismCore.dll
Resource
win10v2004-20220414-en
Behavioral task
behavioral19
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/DismCorePS.dll
Resource
win7-20220414-en
Behavioral task
behavioral20
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/DismCorePS.dll
Resource
win10v2004-20220414-en
Behavioral task
behavioral21
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/Program Files (x86)/ASIO4ALL v2/ASIO4ALL Web Site.url
Resource
win7-20220414-en
Behavioral task
behavioral22
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/Program Files (x86)/ASIO4ALL v2/ASIO4ALL Web Site.url
Resource
win10v2004-20220414-en
Behavioral task
behavioral23
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/Program Files (x86)/ASIO4ALL v2/ASIO4ALL v2 Instruction Manual.pdf
Resource
win7-20220414-en
Behavioral task
behavioral24
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/Program Files (x86)/ASIO4ALL v2/ASIO4ALL v2 Instruction Manual.pdf
Resource
win10v2004-20220414-en
Behavioral task
behavioral25
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/Program Files (x86)/ASIO4ALL v2/a4apanel.exe
Resource
win7-20220414-en
Behavioral task
behavioral26
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/Program Files (x86)/ASIO4ALL v2/a4apanel.exe
Resource
win10v2004-20220414-en
Behavioral task
behavioral27
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/Program Files (x86)/ASIO4ALL v2/a4apanel64.exe
Resource
win7-20220414-en
Behavioral task
behavioral28
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/Program Files (x86)/ASIO4ALL v2/a4apanel64.exe
Resource
win10v2004-20220414-en
Behavioral task
behavioral29
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/Program Files (x86)/ASIO4ALL v2/asio4all.dll
Resource
win7-20220414-en
Behavioral task
behavioral30
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/Program Files (x86)/ASIO4ALL v2/asio4all.dll
Resource
win10v2004-20220414-en
Behavioral task
behavioral31
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/Program Files (x86)/ASIO4ALL v2/asio4all64.dll
Resource
win7-20220414-en
Behavioral task
behavioral32
Sample
Adobe-Photoshop-CC-2022-1.4-main/packages/packages/Program Files (x86)/ASIO4ALL v2/asio4all64.dll
Resource
win10v2004-20220414-en
General
- Target: Adobe-Photoshop-CC-2022-1.4-main/packages/packages/CompatProvider.dll
- Size: 153KB
- MD5: 3fdd65dc6f4cde851ae0bb6131ad64a6
- SHA1: cbd59cde42d7486fa26cdf74240c536b3a21759d
- SHA256: bc324ad41c0a846bcfdca8f77b6a31038f9c85c546810e61ad256c7169232203
- SHA512: 14663ff5f948bdd15a5a2ef6c8c22d3ecf34de81676fa434c3ba9a8907673896ea7e68d687fe9d77ec3702be992f42cd4283408682386708fcbc5cff64051596
Signatures
- Modifies registry class (10 IoCs)
Processes: regsvr32.exe
description | ioc | process
Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{05747318-FC18-4267-8B57-E560A6130990}\1.0\0 | regsvr32.exe
Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{05747318-FC18-4267-8B57-E560A6130990}\1.0\0\win64\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\Adobe-Photoshop-CC-2022-1.4-main\\packages\\packages\\CompatProvider.dll" | regsvr32.exe
Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{05747318-FC18-4267-8B57-E560A6130990}\1.0\HELPDIR\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\Adobe-Photoshop-CC-2022-1.4-main\\packages\\packages" | regsvr32.exe
Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{05747318-FC18-4267-8B57-E560A6130990} | regsvr32.exe
Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{05747318-FC18-4267-8B57-E560A6130990}\1.0\FLAGS\ = "0" | regsvr32.exe
Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{05747318-FC18-4267-8B57-E560A6130990}\1.0\FLAGS | regsvr32.exe
Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{05747318-FC18-4267-8B57-E560A6130990}\1.0\0\win64 | regsvr32.exe
Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{05747318-FC18-4267-8B57-E560A6130990}\1.0\HELPDIR | regsvr32.exe
Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{05747318-FC18-4267-8B57-E560A6130990}\1.0 | regsvr32.exe
Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{05747318-FC18-4267-8B57-E560A6130990}\1.0\ = "CompatProvider 1.0 Type Library" | regsvr32.exe
Downloads
- memory/1664-54-0x000007FEFBEB1000-0x000007FEFBEB3000-memory.dmp (Filesize: 8KB)