2db88f53d61f4fe7503964c044ef930602c40e355fdfc169be8adbc6ddcc03bf

Analysis

max time kernel
278s
max time network
376s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
12/10/2023, 11:47

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

Setup VirtualDJ v8.5.7131.exe
Size

175.4MB
MD5

10af6247af602a77f658f37bb0f0e205
SHA1

9773469157241661d31cd0ba9489ec5c6acc3ef0
SHA256

2db88f53d61f4fe7503964c044ef930602c40e355fdfc169be8adbc6ddcc03bf
SHA512

c6f823051cd9da5d8dc7a204d8c4d0a9880fea3863d996256a6e15c7799308230c164dc6af8377176164ee4df7ee15de0390ea13f77e1c14e8774e770a7a59e6
SSDEEP

3145728:M7hru/r9WMa052wz3atts6KTFH4SK0r/t5/QO5a4XvBD0ndabJUATsv:M7lu/R/a052a3yuTiSbta4/BCdayH

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
2516	Setup VirtualDJ v8.5.7131.tmp

Loads dropped DLL 4 IoCs

pid	Process
1620	Setup VirtualDJ v8.5.7131.exe
2516	Setup VirtualDJ v8.5.7131.tmp
2516	Setup VirtualDJ v8.5.7131.tmp
2516	Setup VirtualDJ v8.5.7131.tmp

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2516	Setup VirtualDJ v8.5.7131.tmp

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 1620 wrote to memory of 2516	1620	Setup VirtualDJ v8.5.7131.exe	26
PID 1620 wrote to memory of 2516	1620	Setup VirtualDJ v8.5.7131.exe	26
PID 1620 wrote to memory of 2516	1620	Setup VirtualDJ v8.5.7131.exe	26
PID 1620 wrote to memory of 2516	1620	Setup VirtualDJ v8.5.7131.exe	26
PID 1620 wrote to memory of 2516	1620	Setup VirtualDJ v8.5.7131.exe	26
PID 1620 wrote to memory of 2516	1620	Setup VirtualDJ v8.5.7131.exe	26
PID 1620 wrote to memory of 2516	1620	Setup VirtualDJ v8.5.7131.exe	26

C:\Users\Admin\AppData\Local\Temp\Setup VirtualDJ v8.5.7131.exe
"C:\Users\Admin\AppData\Local\Temp\Setup VirtualDJ v8.5.7131.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1620
- C:\Users\Admin\AppData\Local\Temp\is-CU6DN.tmp\Setup VirtualDJ v8.5.7131.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-CU6DN.tmp\Setup VirtualDJ v8.5.7131.tmp" /SL5="$70120,183528617,121344,C:\Users\Admin\AppData\Local\Temp\Setup VirtualDJ v8.5.7131.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious use of SetWindowsHookEx
  PID:2516

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\is-CU6DN.tmp\Setup VirtualDJ v8.5.7131.tmp

Filesize
1.1MB

MD5
34acc2bdb45a9c436181426828c4cb49

SHA1
5adaa1ac822e6128b8d4b59a54d19901880452ae

SHA256
9c81817acd4982632d8c7f1df3898fca1477577738184265d735f49fc5480f07

SHA512
134ff4022571efd46f7a62e99b857ebe834e9916c786345908010f9e1fb90be226b740ddee16ae9290fe45c86be7238c4555e422abe66a461d11545e19734beb

Download Submit
\Users\Admin\AppData\Local\Temp\is-AVKK3.tmp\ISSKINU.DLL

Filesize
357KB

MD5
f30afccd6fafc1cad4567ada824c9358

SHA1
60a65b72f208563f90fba0da6af013a36707caa9

SHA256
e28d16fad16bca8198c47d7dd44acfd362dd6ba1654f700add8aaf2c0732622d

SHA512
59b199085ed4b59ef2b385a09d0901ff2efde7b344db1e900684a425fc2df8e2010ca73d2f2bffa547040cb1dd4c8938b175c463ccc5e39a840a19f9aa301a6c

Download Submit
\Users\Admin\AppData\Local\Temp\is-AVKK3.tmp\R2RINNO.dll

Filesize
4KB

MD5
5df8ada84a16f5dfc24096ef90a5ce3a

SHA1
5e7e9c68119c3a0a1afc92c60674bc8714492823

SHA256
48a9c8c332fde541b571d9d522d0e37834b452f55af8cbdc341b12222e78fb5b

SHA512
661b5219c74dd6e3a8e899a1b1a3002689d148e337d7323a174519366c9548c284ee76e2faa2f9600cd483db21093ee62399f0d7403c39523c654266760191c2

Download Submit
\Users\Admin\AppData\Local\Temp\is-AVKK3.tmp\SKIN.CJSTYLES

Filesize
813KB

MD5
5f87caf3f7cf63dde8e6af53bdf31289

SHA1
a2c3cc3d9d831acd797155b667db59a32000d7a8

SHA256
4731982b02b067d3f5a5a7518279a9265a49fb0f7b3f8dc3d61b82a5359d4940

SHA512
4875298d82037ef1fff1ee3c58a9059d8480274326c862729fcc56664ecb49e2692c3838948c66dc8336e4050469d831cbf1fbd79b66565ab673d2a67765109d

Download Submit
\Users\Admin\AppData\Local\Temp\is-CU6DN.tmp\Setup VirtualDJ v8.5.7131.tmp

Filesize
1.1MB

MD5
34acc2bdb45a9c436181426828c4cb49

SHA1
5adaa1ac822e6128b8d4b59a54d19901880452ae

SHA256
9c81817acd4982632d8c7f1df3898fca1477577738184265d735f49fc5480f07

SHA512
134ff4022571efd46f7a62e99b857ebe834e9916c786345908010f9e1fb90be226b740ddee16ae9290fe45c86be7238c4555e422abe66a461d11545e19734beb

Download Submit
memory/1620-0-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/1620-7-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/1620-23-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/2516-53-0x0000000075FD0000-0x000000007605F000-memory.dmp

Filesize
572KB

Download
memory/2516-55-0x0000000075DE0000-0x0000000075E80000-memory.dmp

Filesize
640KB

Download
memory/2516-30-0x0000000002D20000-0x0000000002D81000-memory.dmp

Filesize
388KB

Download
memory/2516-33-0x0000000002D20000-0x0000000002D81000-memory.dmp

Filesize
388KB

Download
memory/2516-21-0x00000000001D0000-0x00000000001D1000-memory.dmp

Filesize
4KB

Download
memory/2516-37-0x0000000075FD0000-0x000000007605F000-memory.dmp

Filesize
572KB

Download
memory/2516-38-0x00000000757E0000-0x000000007593C000-memory.dmp

Filesize
1.4MB

Download
memory/2516-39-0x0000000075DE0000-0x0000000075E80000-memory.dmp

Filesize
640KB

Download
memory/2516-40-0x0000000076450000-0x00000000764ED000-memory.dmp

Filesize
628KB

Download
memory/2516-41-0x0000000075B60000-0x0000000075BB7000-memory.dmp

Filesize
348KB

Download
memory/2516-42-0x0000000076A20000-0x000000007766A000-memory.dmp

Filesize
12.3MB

Download
memory/2516-43-0x0000000075040000-0x0000000075078000-memory.dmp

Filesize
224KB

Download
memory/2516-44-0x0000000074EB0000-0x0000000074FCF000-memory.dmp

Filesize
1.1MB

Download
memory/2516-46-0x0000000074E20000-0x0000000074EAC000-memory.dmp

Filesize
560KB

Download
memory/2516-47-0x0000000000400000-0x000000000052E000-memory.dmp

Filesize
1.2MB

Download
memory/2516-48-0x0000000075C00000-0x0000000075C2A000-memory.dmp

Filesize
168KB

Download
memory/2516-49-0x0000000074DE0000-0x0000000074E12000-memory.dmp

Filesize
200KB

Download
memory/2516-50-0x0000000074C60000-0x0000000074D55000-memory.dmp

Filesize
980KB

Download
memory/2516-51-0x00000000764F0000-0x000000007668D000-memory.dmp

Filesize
1.6MB

Download
memory/2516-52-0x0000000002D20000-0x0000000002D81000-memory.dmp

Filesize
388KB

Download
memory/2516-8-0x0000000000400000-0x000000000052E000-memory.dmp

Filesize
1.2MB

Download
memory/2516-54-0x00000000757E0000-0x000000007593C000-memory.dmp

Filesize
1.4MB

Download
memory/2516-56-0x0000000075400000-0x0000000075409000-memory.dmp

Filesize
36KB

Download
memory/2516-24-0x0000000000400000-0x000000000052E000-memory.dmp

Filesize
1.2MB

Download
memory/2516-57-0x00000000751B0000-0x000000007534E000-memory.dmp

Filesize
1.6MB

Download
memory/2516-58-0x0000000075B60000-0x0000000075BB7000-memory.dmp

Filesize
348KB

Download
memory/2516-59-0x0000000076A20000-0x000000007766A000-memory.dmp

Filesize
12.3MB

Download
memory/2516-60-0x0000000076830000-0x00000000768AB000-memory.dmp

Filesize
492KB

Download
memory/2516-63-0x00000000766A0000-0x0000000076723000-memory.dmp

Filesize
524KB

Download
memory/2516-64-0x0000000075040000-0x0000000075078000-memory.dmp

Filesize
224KB

Download
memory/2516-65-0x0000000075020000-0x0000000075037000-memory.dmp

Filesize
92KB

Download
memory/2516-66-0x0000000074EB0000-0x0000000074FCF000-memory.dmp

Filesize
1.1MB

Download
memory/2516-67-0x0000000074DE0000-0x0000000074E12000-memory.dmp

Filesize
200KB

Download
memory/2516-68-0x0000000074D60000-0x0000000074D99000-memory.dmp

Filesize
228KB

Download
memory/2516-70-0x00000000001D0000-0x00000000001D1000-memory.dmp

Filesize
4KB

Download
memory/2516-71-0x00000000764F0000-0x000000007668D000-memory.dmp

Filesize
1.6MB

Download
memory/2516-69-0x0000000074C60000-0x0000000074D55000-memory.dmp

Filesize
980KB

Download
memory/2516-72-0x0000000074BD0000-0x0000000074C06000-memory.dmp

Filesize
216KB

Download
memory/2516-73-0x0000000002D20000-0x0000000002D81000-memory.dmp

Filesize
388KB

Download
memory/2516-74-0x0000000075FD0000-0x000000007605F000-memory.dmp

Filesize
572KB

Download
memory/2516-75-0x0000000075DE0000-0x0000000075E80000-memory.dmp

Filesize
640KB

Download
memory/2516-77-0x00000000750C0000-0x00000000750D2000-memory.dmp

Filesize
72KB

Download
memory/2516-78-0x00000000751B0000-0x000000007534E000-memory.dmp

Filesize
1.6MB

Download
memory/2516-79-0x0000000075B60000-0x0000000075BB7000-memory.dmp

Filesize
348KB

Download
memory/2516-76-0x0000000076450000-0x00000000764ED000-memory.dmp

Filesize
628KB

Download
memory/2516-80-0x0000000076830000-0x00000000768AB000-memory.dmp

Filesize
492KB

Download
memory/2516-82-0x0000000075410000-0x0000000075423000-memory.dmp

Filesize
76KB

Download
memory/2516-83-0x00000000766A0000-0x0000000076723000-memory.dmp

Filesize
524KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads