71398ec09f40842b05470aad1456b80febc1548c3fd17f576e76dbf67dacc8ee

Analysis

max time kernel
204s
max time network
484s
platform
windows10-1703_x64
resource
win10-20220812-en
resource tags

arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
submitted
24-11-2022 23:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

install.exe
Size

14KB
MD5

942e4fb44758825919050799067da1b1
SHA1

8805c5d8a7cfa59acec65994b19dca80ee0b03cb
SHA256

6050219bcfca1243ed88d0d9f3046591365b192a2930819e84f3a8582a310373
SHA512

6f429fdada238fd6e7876a6360510ed3444ec3b212a5e29a1a0137fe8569a74caf450cbcf57c0d3f0aa3035ae6a68e986150f37f07338c7d31bedee261f54ad9
SSDEEP

384:sUGKSdRJHK2W9jUGTpwl3A45xexdyWNvwfkx:FGjHK2bU0ayWNvt

Score

1^/10

Malware Config

Signatures

Modifies registry class 10 IoCs

Processes:

install.exe

description	ioc	process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VRChat\URL Protocol	install.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VRChat\ = "URL:VRChat Protocol"	install.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VRChat\DefaultIcon	install.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VRChat\DefaultIcon\ = "VRChat.exe,1"	install.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VRChat\shell	install.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VRChat\shell\open	install.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VRChat\shell\open\command	install.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\VRChat	install.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\VRChat\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Temp\\launch.exe\" \"%1\" %*"	install.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\Classes\VRChat\ProtocolVersion = "1067"	install.exe

C:\Users\Admin\AppData\Local\Temp\install.exe
"C:\Users\Admin\AppData\Local\Temp\install.exe"
1⤵
- Modifies registry class
PID:3592

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3592-117-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-118-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-119-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-120-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-121-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-122-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-123-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-124-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-125-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-126-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-127-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-128-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-129-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-130-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-131-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-132-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-133-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-134-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-135-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-136-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-137-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-138-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-139-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-140-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-141-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-142-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-143-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-144-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-145-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-146-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-147-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-148-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-149-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-150-0x00000000006B0000-0x00000000006BA000-memory.dmp

Filesize
40KB

Download
memory/3592-151-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-152-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-153-0x00000000053B0000-0x00000000058AE000-memory.dmp

Filesize
5.0MB

Download
memory/3592-154-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-155-0x0000000004F50000-0x0000000004FE2000-memory.dmp

Filesize
584KB

Download
memory/3592-156-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-157-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-158-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-159-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-160-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-161-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-162-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-164-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-163-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-165-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-166-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-167-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-168-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-169-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-170-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-171-0x00000000052F0000-0x00000000052FA000-memory.dmp

Filesize
40KB

Download
memory/3592-172-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-173-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-174-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-175-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-176-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-177-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download
memory/3592-178-0x0000000076EF0000-0x000000007707E000-memory.dmp

Filesize
1.6MB

Download