Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

3

NotePerfor...5].exe

windows11-21h2-x64

4

$3/VST Sup...32.dll

windows11-21h2-x64

3

$3/VST Sup...64.dll

windows11-21h2-x64

1

$COMMONFIL...64.dll

windows11-21h2-x64

1

$PLUGINSDI...ns.dll

windows11-21h2-x64

3

$PLUGINSDI...em.dll

windows11-21h2-x64

3

$PROGRAMFI...32.dll

windows11-21h2-x64

3

$PROGRAMFI...32.dll

windows11-21h2-x64

3

$PROGRAMFI...64.dll

windows11-21h2-x64

1

$_29_/VSTP...32.dll

windows11-21h2-x64

3

$_29_/VSTP...64.dll

windows11-21h2-x64

1

Analysis

  • max time kernel
    85s
  • max time network
    94s
  • platform
    windows11-21h2_x64
  • resource
    win11-20231222-en
  • resource tags

    arch:x64arch:x86image:win11-20231222-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    25/01/2024, 23:36 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PROGRAMFILES/Sibelius Software/VSTPlugins/NotePerformer32.dll

  • Size

    6.3MB

  • MD5

    d14ae277899149fa0a716690781d5a4c

  • SHA1

    9a746590c30331eb090c231a34cba9e49d2c6c3c

  • SHA256

    bf86ac1b5d0bf425c20b084db568e7aa51be4843494048acf394cbe0d501bf93

  • SHA512

    2b50a5ffe0e329587a7521f2d5d8abfe92ac22b0ee3025532473c7b3d81b95f02d158e8df8f7935971291a848c95ae48e33e87680190ab27c06ec289d9530c53

  • SSDEEP

    49152:On92ef7Mjll9blidjFoEltkCUHgWNQIHEPeqLh7:plUoPCUHgWkeq

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\$PROGRAMFILES\Sibelius Software\VSTPlugins\NotePerformer32.dll",#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4432
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe "C:\Users\Admin\AppData\Local\Temp\$PROGRAMFILES\Sibelius Software\VSTPlugins\NotePerformer32.dll",#1
      2⤵
        PID:4608
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 4608 -s 556
          3⤵
          • Program crash
          PID:3784
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 372 -p 4608 -ip 4608
      1⤵
        PID:3696

      Network

        No results found
      • 52.111.243.31:443
        322 B
         7
      No results found

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      We care about your privacy.

      This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.