Overview

overview

7

Static

static

3

Sony Vegas...e).exe

windows7-x64

7

Sony Vegas...e).exe

windows10-2004-x64

7

Analysis

  • max time kernel
    73s
  • max time network
    75s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16-06-2023 19:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Sony Vegas Pro 13 (parche).exe

  • Size

    878KB

  • MD5

    b932ec254b999d192fe4ce8e1c0c365f

  • SHA1

    10f0341426298cfe8a09d9d28b4017910f70c6f8

  • SHA256

    e4b70283ac7bf50bc038f501ff19343c111bf1246b3e5e75744a736745ed22a5

  • SHA512

    178083ca261c10547173d34d0b03450a589b6b47c1f44793da692c8ccfcec5a84dbd5568dba3b3bf2e7903102e2a8690c49dabd0c7c7cfb3c40f170e4b7403cd

  • SSDEEP

    24576:DN2HQ0764L6vyqJWBRD0yKVfQHb6YTUd:Dh0Wm6vmvwyKCeL

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Sony Vegas Pro 13 (parche).exe
    "C:\Users\Admin\AppData\Local\Temp\Sony Vegas Pro 13 (parche).exe"
    1⤵
    • Loads dropped DLL
    PID:3756
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x4f8 0x4e4
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4272

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\bassmod.dll
    Filesize

    33KB

    MD5

    e4ec57e8508c5c4040383ebe6d367928

    SHA1

    b22bcce36d9fdeae8ab7a7ecc0b01c8176648d06

    SHA256

    8ad9e47693e292f381da42ddc13724a3063040e51c26f4ca8e1f8e2f1ddd547f

    SHA512

    77d5cf66caf06e192e668fae2b2594e60a498e8e0ccef5b09b9710721a4cdb0c852d00c446fd32c5b5c85e739de2e73cb1f1f6044879fe7d237341bbb6f27822

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\dup2patcher.dll
    Filesize

    580KB

    MD5

    46903044827c806ef6ddb14d2772da69

    SHA1

    098cae42813df526ece9dc0fcfd9d0f515b5ad47

    SHA256

    8dfe47d2805b0904b1bee5e94bfe52a05c8e6de3ebcec5e13a986dff85511aee

    SHA512

    0b8a2a090c46c7fa970eaf7ccbead69c0516f80cd03b67074650966202676aa0f40216c62c98526654bea7fc9592ce173862e9708aed5934beefde8b33dd9ac2

    Download Submit

  • memory/3756-141-0x0000000075B60000-0x0000000075C09000-memory.dmp

    Filesize

    676KB

    Download

  • memory/3756-142-0x0000000010000000-0x0000000010013000-memory.dmp

    Filesize

    76KB

    Download

  • memory/3756-143-0x0000000010000000-0x0000000010013000-memory.dmp

    Filesize

    76KB

    Download

  • memory/3756-144-0x0000000010000000-0x0000000010013000-memory.dmp

    Filesize

    76KB

    Download

  • memory/3756-145-0x0000000010000000-0x0000000010013000-memory.dmp

    Filesize

    76KB

    Download

  • memory/3756-146-0x0000000010000000-0x0000000010013000-memory.dmp

    Filesize

    76KB

    Download

  • memory/3756-147-0x0000000010000000-0x0000000010013000-memory.dmp

    Filesize

    76KB

    Download