3d30d701fb087416627321c60ab02f143718aefbb3ea7e2689b6fb658ab78ab6

Submit
Reports

Overview

overview

Static

static

VSCodeUser....3.exe

windows7-x64

VSCodeUser....3.exe

windows10-2004-x64

VSCodeUser...-1.dll

windows7-x64

VSCodeUser...-1.dll

windows10-2004-x64

VSCodeUser...10.dll

windows7-x64

VSCodeUser...10.dll

windows10-2004-x64

VSCodeUser...30.dll

windows7-x64

VSCodeUser...30.dll

windows10-2004-x64

VSCodeUser...re.dll

windows7-x64

VSCodeUser...re.dll

windows10-2004-x64

VSCodeUser...bs.dll

windows7-x64

VSCodeUser...bs.dll

windows10-2004-x64

VSCodeUser...ds.dll

windows7-x64

VSCodeUser...ds.dll

windows10-2004-x64

VSCodeUser...ec.dll

windows7-x64

VSCodeUser...ec.dll

windows10-2004-x64

VSCodeUser...ic.dll

windows7-x64

VSCodeUser...ic.dll

windows10-2004-x64

VSCodeUser...l2.dll

windows7-x64

VSCodeUser...l2.dll

windows10-2004-x64

VSCodeUser...ts.xml

windows7-x64

VSCodeUser...ts.xml

windows10-2004-x64

VSCodeUser...el.exe

windows7-x64

VSCodeUser...el.exe

windows10-2004-x64

Resubmissions

04-02-2023 21:43

230204-1lbwcseg47 10

Analysis

max time kernel
24s
max time network
34s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
04-02-2023 21:43

Sharing

Copy URL

Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

VSCodeUserSetup-x64-1.74.3/VSCodeUserSetup-x64-1.74.3.exe

Resource

win7-20220812-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

VSCodeUserSetup-x64-1.74.3/VSCodeUserSetup-x64-1.74.3.exe

Resource

win10v2004-20221111-en

aurora persistence stealer

windows10-2004-x64

9 signatures

150 seconds

Behavioral task

behavioral3

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/fold/libgcc_s_seh-1.dll

Resource

win7-20220901-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/fold/libgcc_s_seh-1.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral5

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/fold/libgmp-10.dll

Resource

win7-20221111-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/fold/libgmp-10.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral7

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/fold/libgnutls-30.dll

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/fold/libgnutls-30.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/resources/mfcore.dll

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/resources/mfcore.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/resources/mfcsubs.dll

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/resources/mfcsubs.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/resources/mfds.dll

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/resources/mfds.dll

Resource

win10v2004-20221111-en

persistence

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral15

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/resources/mfdvdec.dll

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

VSCodeUserSetup-x64-1.74.3/upl/app/resources/mfdvdec.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

VSCodeUserSetup-x64-1.74.3/upl/locales/MemoryDiagnostic.dll

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

VSCodeUserSetup-x64-1.74.3/upl/locales/MemoryDiagnostic.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

VSCodeUserSetup-x64-1.74.3/upl/locales/MessagingDataModel2.dll

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

VSCodeUserSetup-x64-1.74.3/upl/locales/MessagingDataModel2.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral21

Sample

VSCodeUserSetup-x64-1.74.3/upl/locales/docs/defaults.xml

Resource

win7-20220901-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral22

Sample

VSCodeUserSetup-x64-1.74.3/upl/locales/docs/defaults.xml

Resource

win10v2004-20221111-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral23

Sample

VSCodeUserSetup-x64-1.74.3/upl/locales/mcupdate_GenuineIntel.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

VSCodeUserSetup-x64-1.74.3/upl/locales/mcupdate_GenuineIntel.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

VSCodeUserSetup-x64-1.74.3/upl/app/fold/libgnutls-30.dll
Size

2.0MB
MD5

bec8114a164a68f590268056a950cb68
SHA1

593fa9ca63c7355fb1dc91ab10f7293ee2b1bebc
SHA256

aae19ff2bf6cde4d35197d7cca9ccfab8b0641bdd499ea70df5c723d17cc15e9
SHA512

da3f07c7119451cf6864fa69d3c0afa03a157cf7ee0d22ffe8ef7416ab0de081033ea2b6bc5a3e9504923461519d58c186c811ceacd8ce48072f85497cccff44
SSDEEP

49152:cIrOBzTBiUM62O/7ikRWXAf8EClorGtlqIlv4L0al8AfXk2XAxOqe4TF:cIUIwfGlJ4L70OqeGF

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\VSCodeUserSetup-x64-1.74.3\upl\app\fold\libgnutls-30.dll,#1
1⤵
PID:1728

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads