837ec0e9287fcb56331695971c618ce18f14dff0107ccd5749bd51c75bccc6d6 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

IniParser.dll

windows10-2004-x64

1

Iron.dll

windows10-2004-x64

1

Microsoft....on.dll

windows10-2004-x64

1

Microsoft....ts.dll

windows10-2004-x64

1

Microsoft....ns.dll

windows10-2004-x64

1

Microsoft....ns.dll

windows10-2004-x64

1

Microsoft....ns.dll

windows10-2004-x64

1

Microsoft....al.dll

windows10-2004-x64

1

Microsoft....ns.dll

windows10-2004-x64

1

Microsoft....og.dll

windows10-2004-x64

1

Microsoft....ns.dll

windows10-2004-x64

1

Microsoft....es.dll

windows10-2004-x64

1

Microsoft....op.dll

windows10-2004-x64

1

Microsoft....ng.dll

windows10-2004-x64

1

Microsoft....PF.dll

windows10-2004-x64

1

Microsoft....ns.dll

windows10-2004-x64

1

Microsoft....re.dll

windows10-2004-x64

1

Microsoft....ms.dll

windows10-2004-x64

1

Microsoft....pf.dll

windows10-2004-x64

1

Microsoft....ll.dll

windows10-2004-x64

1

Microsoft....ck.dll

windows10-2004-x64

1

Newtonsoft...on.dll

windows10-2004-x64

1

Newtonsoft.Json.dll

windows10-2004-x64

1

Rift.exe

windows10-2004-x64

1

Rift.exe

windows10-2004-x64

1

SharpVecto...pf.dll

windows10-2004-x64

1

SharpVectors.Core.dll

windows10-2004-x64

1

SharpVectors.Css.dll

windows10-2004-x64

1

SharpVectors.Dom.dll

windows10-2004-x64

1

SharpVecto...el.dll

windows10-2004-x64

1

SharpVecto...di.dll

windows10-2004-x64

1

Analysis

max time kernel
0s
max time network
10s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
06-01-2024 05:39

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

IniParser.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

Iron.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

Microsoft.AspNetCore.Authorization.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

Microsoft.AspNetCore.Components.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

Microsoft.Extensions.Configuration.Abstractions.dll

Resource

win10v2004-20231222-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

Microsoft.Extensions.Configuration.FileExtensions.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

Microsoft.Extensions.DependencyInjection.Abstractions.dll

Resource

win10v2004-20231222-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

Microsoft.Extensions.FileProviders.Physical.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Microsoft.Extensions.Logging.Abstractions.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

Microsoft.Extensions.Logging.EventLog.dll

Resource

win10v2004-20231222-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

Microsoft.Extensions.Options.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

Microsoft.Extensions.Primitives.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

Microsoft.JSInterop.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

Microsoft.MobileBlazorBindings.Hosting.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

Microsoft.MobileBlazorBindings.WPF.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

Microsoft.Toolkit.Uwp.Notifications.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

Microsoft.Web.WebView2.Core.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

Microsoft.Web.WebView2.WinForms.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

Microsoft.Web.WebView2.Wpf.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

Microsoft.WindowsAPICodePack.Shell.dll

Resource

win10v2004-20231222-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

Microsoft.WindowsAPICodePack.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

Newtonsoft.Json.Bson.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

Newtonsoft.Json.dll

Resource

win10v2004-20231222-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

Rift.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

Rift.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

SharpVectors.Converters.Wpf.dll

Resource

win10v2004-20231222-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

SharpVectors.Core.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

SharpVectors.Css.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

SharpVectors.Dom.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

SharpVectors.Model.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

SharpVectors.Rendering.Gdi.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

Rift.exe
Size

279KB
MD5

53079cfec7e72232789416f1adb5e41e
SHA1

7f9099600f8bd745cf020a93ae3c4b9278624a8e
SHA256

9b2661b1eefc555a5ccacc9eef7285d3fe288e71d75351eb2e7b4f4fcba9b945
SHA512

e752de02a5b8be11dd243c9eed341247b0a3302b42371a6e51932c64855dcc428e2ffd2076b9a7faa798c6544884576b0df23b82784d09f5b9f0479bd47624ba
SSDEEP

3072:D6eSqsywT/IiODn5Ikt8pKO9WpheWyutIRMQc59uxmZx:DLDn5I7p8hen2n

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\Rift.exe
"C:\Users\Admin\AppData\Local\Temp\Rift.exe"
1⤵
PID:4124

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
PID:2712

C:\Windows\System32\GameBarPresenceWriter.exe
"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
1⤵
PID:4332

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
1⤵
PID:4264

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
1⤵
PID:1372

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\Videos\Captures\desktop.ini

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

© 2018-2024

Terms | Privacy