7df1bb6fa77ab4cbe61c63c52d3166bc31e7661d22854b26c728f0a3da28b402

Resubmissions

24/12/2023, 16:25

231224-txctgacgc7 7

24/12/2023, 16:12

231224-tnvmxsheen 3

Analysis

max time kernel
1s
max time network
83s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
24/12/2023, 16:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3DS-RPC.exe
Size

48.8MB
MD5

0133841bb12a50fd066bff6aec79b89c
SHA1

8ef4c0b7c4c934a50fb096dff9d862720cd5a619
SHA256

7df1bb6fa77ab4cbe61c63c52d3166bc31e7661d22854b26c728f0a3da28b402
SHA512

1d8cfa4e88a2a53429140a8f5d69574e0c7795112cd0f3c7edeec014a206bf0da6a31d4f1cd2397eb13e3fa8e3bc9b09d232de760e4c1cb1cff89c321ae842de
SSDEEP

1572864:/x9XXGMK4XR3bLSCU/+6yQXb9Ri/xW5GTo:3XgYRPSC++6y8jip21

Score

1^/10

Malware Config

Signatures

C:\Users\Admin\AppData\Local\Temp\3DS-RPC.exe
"C:\Users\Admin\AppData\Local\Temp\3DS-RPC.exe"
1⤵
PID:2248
- C:\Users\Admin\AppData\Local\Temp\3DS-RPC.exe
  "C:\Users\Admin\AppData\Local\Temp\3DS-RPC.exe"
  2⤵
  PID:1964

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
PID:2068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef67e9758,0x7fef67e9768,0x7fef67e9778
  2⤵
  PID:2080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1128 --field-trial-handle=1216,i,3375050613999523095,16987961592916472425,131072 /prefetch:2
  2⤵
  PID:2472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1644 --field-trial-handle=1216,i,3375050613999523095,16987961592916472425,131072 /prefetch:8
  2⤵
  PID:1468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2356 --field-trial-handle=1216,i,3375050613999523095,16987961592916472425,131072 /prefetch:1
  2⤵
  PID:1812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2280 --field-trial-handle=1216,i,3375050613999523095,16987961592916472425,131072 /prefetch:1
  2⤵
  PID:1548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1524 --field-trial-handle=1216,i,3375050613999523095,16987961592916472425,131072 /prefetch:8
  2⤵
  PID:1844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1476 --field-trial-handle=1216,i,3375050613999523095,16987961592916472425,131072 /prefetch:2
  2⤵
  PID:2796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1436 --field-trial-handle=1216,i,3375050613999523095,16987961592916472425,131072 /prefetch:8
  2⤵
  PID:2764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=2820 --field-trial-handle=1216,i,3375050613999523095,16987961592916472425,131072 /prefetch:1
  2⤵
  PID:2888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3564 --field-trial-handle=1216,i,3375050613999523095,16987961592916472425,131072 /prefetch:8
  2⤵
  PID:2976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3672 --field-trial-handle=1216,i,3375050613999523095,16987961592916472425,131072 /prefetch:8
  2⤵
  PID:2620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3656 --field-trial-handle=1216,i,3375050613999523095,16987961592916472425,131072 /prefetch:8
  2⤵
  PID:1528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3304 --field-trial-handle=1216,i,3375050613999523095,16987961592916472425,131072 /prefetch:8
  2⤵
  PID:2936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3748 --field-trial-handle=1216,i,3375050613999523095,16987961592916472425,131072 /prefetch:1
  2⤵
  PID:552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=1876 --field-trial-handle=1216,i,3375050613999523095,16987961592916472425,131072 /prefetch:1
  2⤵
  PID:2480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 --field-trial-handle=1216,i,3375050613999523095,16987961592916472425,131072 /prefetch:8
  2⤵
  PID:2576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=2336 --field-trial-handle=1216,i,3375050613999523095,16987961592916472425,131072 /prefetch:1
  2⤵
  PID:2500

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2460

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
359B

MD5
ea215688a426f86d448b406459b672f5

SHA1
c639e5c6f1ddfb82390c2e0fc87e537c247aaab0

SHA256
8ecf1fbc4347375341d3ff09c1f972e429fcad0b1f8bc80304888c0ac5d5d819

SHA512
b4ceefd739fbacfdfa89e0942b82c69330d1d0ca3968df4277008574de53423c758c55b973fe1a7a635fce3ebf6832defeb74054da54a4d7d604ce86a4dc9566

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
359B

MD5
5ae1127b9ad5b199b422a7a3eba0f69f

SHA1
1ff89a7ac020fc375e296d1228d2c08e308ba351

SHA256
d4ecf4c858c84247213dda0ee11a3b23e6310aa6f0ce955fef88287f1c6a8f49

SHA512
bbe42278a317467625605997fc3e3b09bf7559d020a21896abdc50c699a83c24fc5900ae5d264b1c2875ed5ad4856a938b5b200087d8cd95c3bd828214f7e49a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
37f43bfbba39c4299d6db3d4d03fea74

SHA1
f0a225f661643e1db26d33f1b94db6f4ee213300

SHA256
76fb06cc003fd85d6df212f098b23434b9f651c42a7bee28b0b212afc67e424c

SHA512
9867f7afc4ecabbb173e3fededa4b96301ce8aad49613b8cba68e75322680ac4830ad6947de8321e66cf4c9ea76af0f0db568270dc92a86a75bb606bca10aea6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
56e78fe461a547f7aaa6e2cc7d0e5093

SHA1
9541b81ce30cb24389858d68edd68a9ffd4806ef

SHA256
64dad207d23762f423c12255469019c090ec154422485b833edaa50786d062e6

SHA512
d4689c552b01c194752312250bcc2b1387b8c8f344db6c2b3ba95198b241d5d6719bcfb116cd2564cc456544b1ba82e1b536c2b033b8ea8131586d133cfee6e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
201KB

MD5
4e915ed46fb60411efd052deeb436abb

SHA1
8aea1d62f3f14a17b7cce0f6f1f19e301ef0bbcc

SHA256
e93e0f8be6fecfc2c72a5426e7794ce3fee66e70ae854256fbc8336e89dcdc33

SHA512
d6da84b2c13a29c1ef766ad01cb6b35b07f98ad53b8b8d54017062f2cf279d74cebb3381960d3b8fe6b68f49cfc5c4cf5642a39bc09da94606cd129116ede648

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabE1C9.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarE1DC.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI22482\python310.dll

Filesize
146KB

MD5
efd7840759930dadb1ec4010963665ad

SHA1
3c4851bc076c64aaf9169c801dbfba7b5bc42908

SHA256
6daf8a1feb6d41eb5cd2bb3140f32367adb5f5448a4fe4f028ebcef8c3048fb3

SHA512
9586593f8b40dac3c18b6026f7817bc7e4fc8f50a2cae74b6858aaac892b0218dc451b13c34191463def63a987885859605fa29c85c0a65b12f00bcbce91bbc2

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI22482\ucrtbase.dll

Filesize
143KB

MD5
820f3d253d52fc477d52c2b04fc843d8

SHA1
9bb7a28d8ecfd6b5d305b0ee52d38c9009abffbe

SHA256
8223093a60f60926d60dcb043f4a9719a37dbf95a86d120e83b7990223ae37d4

SHA512
599b98f5b336efd5dcb1b9f6e7d67a82008601f3559b9324c1715f05a22c000499c7a22beb43efa06f63f4343bced33325c23287a1fb22fce486158a0b2544b6

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI22482\api-ms-win-core-file-l1-2-0.dll

Filesize
20KB

MD5
d92e6a007fc22a1e218552ebfb65da93

SHA1
3c9909332e94f7b7386664a90f52730f4027a75a

SHA256
03bd3217eae0ef68521b39556e7491292db540f615da873dd8da538693b81862

SHA512
b8b0e6052e68c08e558e72c168e4ff318b1907c4dc5fc1cd1104f5cae7cc418293013dabbb30c835a5c35a456e1cb22cc352b7ae40f82b9b7311bb7419d854c7

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI22482\api-ms-win-core-file-l2-1-0.dll

Filesize
20KB

MD5
50abf0a7ee67f00f247bada185a7661c

SHA1
0cddac9ac4db3bf10a11d4b79085ef9cb3fb84a1

SHA256
f957a4c261506484b53534a9be8931c02ec1a349b3f431a858f8215cecfec3f7

SHA512
c2694bb5d103baff1264926a04d2f0fe156b8815a23c3748412a81cc307b71a9236a0e974b5549321014065e393d10228a0f0004df9ba677f03b5d244a64b528

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI22482\api-ms-win-core-localization-l1-2-0.dll

Filesize
20KB

MD5
de5695f26a0bcb54f59a8bc3f9a4ecef

SHA1
99c32595f3edc2c58bdb138c3384194831e901d6

SHA256
e9539fce90ad8be582b25ab2d5645772c2a5fb195e602ecdbf12b980656e436a

SHA512
df635d5d51cdea24885ae9f0406f317ddcf04ecb6bfa26579bb2e256c457057607844ded4b52ff1f5ca25abe29d1eb2b20f1709cf19035d3829f36bbe31f550f

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI22482\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
20KB

MD5
74c264cffc09d183fcb1555b16ea7e4b

SHA1
0b5b08cdf6e749b48254ac811ca09ba95473d47c

SHA256
a8e2fc077d9a7d2faa85e1e6833047c90b22c6086487b98fc0e6a86b7bf8bf09

SHA512
285afbcc39717510ced2ed096d9f77fc438268ecaa59cff3cf167fcc538e90c73c67652046b0ee379e0507d6e346af79d43c51a571c6dd66034f9385a73d00d1

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI22482\api-ms-win-core-timezone-l1-1-0.dll

Filesize
20KB

MD5
cb39eea2ef9ed3674c597d5f0667b5b4

SHA1
c133dc6416b3346fa5b0f449d7cc6f7dbf580432

SHA256
1627b921934053f1f7d2a19948aee06fac5db8ee8d4182e6f071718d0681f235

SHA512
2c65014dc045a2c1e5f52f3fea4967d2169e4a78d41fe56617ce9a4d5b30ebf25043112917ff3d7d152744ddef70475937ae0a7f96785f97dcefafe8e6f14d9c

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI22482\python310.dll

Filesize
69KB

MD5
dbb6952189173fe73dff92c36f1a5450

SHA1
91eddeafe083989ae548be925bc66a9c7ec6f8be

SHA256
45100d2edcc58e134c58512e38c6c7c482ecf78ef0cd77394ca00cb3dda795af

SHA512
f8c7ca0a356c44a1089bb3acec4bdea64514d4e6809d163cd3e6a8f8e9e009099fe642fefbb07fec9fe78f8ab9e4c689bb1c0e59c85f30e180f2e4019953afbc

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI22482\ucrtbase.dll

Filesize
136KB

MD5
56eb56177239196d706eb384067f7f01

SHA1
fcbf00a1fbd2fa6f6af5655ad827b8a0689e6d07

SHA256
be174658166c19cbacf4c65f4b74dddd6f259ebcf5834ea28f9e93d8465b5228

SHA512
a590f5f8274c12a60b52ad5d7a55620d9cc476b529aa7764db73b823866e7259aaca9a1d4fc0eabd4ef32b34d3c30996508e02174cf62c5dd890b8ae16d04ec8

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads