3d30d701fb087416627321c60ab02f143718aefbb3ea7e2689b6fb658ab78ab6

Submit
Reports

Overview

overview

Static

static

VSCodeUser....3.exe

windows7-x64

VSCodeUser....3.exe

windows10-2004-x64

VSCodeUser...-1.dll

windows7-x64

VSCodeUser...-1.dll

windows10-2004-x64

VSCodeUser...10.dll

windows7-x64

VSCodeUser...10.dll

windows10-2004-x64

VSCodeUser...30.dll

windows7-x64

VSCodeUser...30.dll

windows10-2004-x64

VSCodeUser...re.dll

windows7-x64

VSCodeUser...re.dll

windows10-2004-x64

VSCodeUser...bs.dll

windows7-x64

VSCodeUser...bs.dll

windows10-2004-x64

VSCodeUser...ds.dll

windows7-x64

VSCodeUser...ds.dll

windows10-2004-x64

VSCodeUser...ec.dll

windows7-x64

VSCodeUser...ec.dll

windows10-2004-x64

VSCodeUser...ic.dll

windows7-x64

VSCodeUser...ic.dll

windows10-2004-x64

VSCodeUser...l2.dll

windows7-x64

VSCodeUser...l2.dll

windows10-2004-x64

VSCodeUser...ts.xml

windows7-x64

VSCodeUser...ts.xml

windows10-2004-x64

VSCodeUser...el.exe

windows7-x64

VSCodeUser...el.exe

windows10-2004-x64

Resubmissions

04-02-2023 21:43

230204-1lbwcseg47 10

Analysis

max time kernel
81s
max time network
168s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
04-02-2023 21:43

Sharing

Copy URL

Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

VSCodeUserSetup-x64-1.74.3/VSCodeUserSetup-x64-1.74.3.exe

Resource

win7-20220812-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

VSCodeUserSetup-x64-1.74.3/VSCodeUserSetup-x64-1.74.3.exe

Resource

win10v2004-20221111-en

aurora persistence stealer

windows10-2004-x64

9 signatures

150 seconds

Behavioral task

behavioral3

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/fold/libgcc_s_seh-1.dll

Resource

win7-20220901-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/fold/libgcc_s_seh-1.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral5

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/fold/libgmp-10.dll

Resource

win7-20221111-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/fold/libgmp-10.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral7

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/fold/libgnutls-30.dll

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/fold/libgnutls-30.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/resources/mfcore.dll

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/resources/mfcore.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/resources/mfcsubs.dll

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/resources/mfcsubs.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/resources/mfds.dll

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/resources/mfds.dll

Resource

win10v2004-20221111-en

persistence

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral15

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/resources/mfdvdec.dll

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/resources/mfdvdec.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

VSCodeUserSetup-x64-1.74.3/upl/locales/MemoryDiagnostic.dll

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

VSCodeUserSetup-x64-1.74.3/upl/locales/MemoryDiagnostic.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

VSCodeUserSetup-x64-1.74.3/upl/locales/MessagingDataModel2.dll

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

VSCodeUserSetup-x64-1.74.3/upl/locales/MessagingDataModel2.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral21

Sample

VSCodeUserSetup-x64-1.74.3/upl/locales/docs/defaults.xml

Resource

win7-20220901-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral22

Sample

VSCodeUserSetup-x64-1.74.3/upl/locales/docs/defaults.xml

Resource

win10v2004-20221111-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral23

Sample

VSCodeUserSetup-x64-1.74.3/upl/locales/mcupdate_GenuineIntel.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

VSCodeUserSetup-x64-1.74.3/upl/locales/mcupdate_GenuineIntel.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

VSCodeUserSetup-x64-1.74.3/upl/locales/MemoryDiagnostic.dll
Size

33KB
MD5

14320e135e4d1832a5b167f3c8c91e33
SHA1

1d2d9d9a348ff53d0fb3a28de015b03eaeff9a0c
SHA256

208f1896e3939ca17d3e2de3e0ce38b83443d3a24f475a3e59fb7d2900ca8337
SHA512

ed2bc4d9973c4423f924df696c8783e657abd74f4b418f796e44feae06d6f19e29b1d584dfcf25973dcd78e1ac8e1936e7e6cf8222fbd2b0f6b024627287a8c3
SSDEEP

768:RL+UB0dQH6LQHqxVRgXCoSMIOSUtShlxlTQykqdw1W7MfnCNT3iK+7NIq9:RHB0dNLQHqPyXZIOZGxlTQykqdwCMfnB

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\VSCodeUserSetup-x64-1.74.3\upl\locales\MemoryDiagnostic.dll
1⤵
PID:3884

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads