Overview
overview
7Static
static
3OBS-Studio...64.exe
windows7-x64
7OBS-Studio...64.exe
windows10-2004-x64
7data/obs-p...ext.py
windows7-x64
3data/obs-p...ext.py
windows10-2004-x64
3data/obs-p...r.html
windows7-x64
1data/obs-p...r.html
windows10-2004-x64
1obs-plugin...ja.dll
windows7-x64
1obs-plugin...ja.dll
windows10-2004-x64
1obs-plugin...lf.dll
windows7-x64
1obs-plugin...lf.dll
windows10-2004-x64
1obs-plugin...er.dll
windows7-x64
1obs-plugin...er.dll
windows10-2004-x64
1obs-plugin...ns.dll
windows7-x64
1obs-plugin...ns.dll
windows10-2004-x64
1obs-plugin...ui.dll
windows7-x64
1obs-plugin...ui.dll
windows10-2004-x64
1obs-plugin...nk.dll
windows7-x64
1obs-plugin...nk.dll
windows10-2004-x64
1obs-plugin...ls.dll
windows7-x64
1obs-plugin...ls.dll
windows10-2004-x64
1obs-plugin...ce.dll
windows7-x64
1obs-plugin...ce.dll
windows10-2004-x64
1obs-plugin...GL.dll
windows7-x64
1obs-plugin...GL.dll
windows10-2004-x64
1obs-plugin...v2.dll
windows7-x64
1obs-plugin...v2.dll
windows10-2004-x64
1obs-plugin...ef.dll
windows7-x64
1obs-plugin...ef.dll
windows10-2004-x64
1obs-plugin...ge.exe
windows7-x64
1obs-plugin...ge.exe
windows10-2004-x64
1obs-plugin...er.dll
windows7-x64
1obs-plugin...er.dll
windows10-2004-x64
1Analysis
-
max time kernel
120s -
max time network
143s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system -
submitted
13/02/2024, 14:38
Static task
static1
Behavioral task
behavioral1
Sample
OBS-Studio-30.0.2-Full-Installer-x64.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral2
Sample
OBS-Studio-30.0.2-Full-Installer-x64.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
data/obs-plugins/frontend-tools/scripts/url-text.py
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral4
Sample
data/obs-plugins/frontend-tools/scripts/url-text.py
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
data/obs-plugins/obs-browser/error.html
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral6
Sample
data/obs-plugins/obs-browser/error.html
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
obs-plugins/64bit/aja.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral8
Sample
obs-plugins/64bit/aja.dll
Resource
win10v2004-20231222-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
obs-plugins/64bit/chrome_elf.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral10
Sample
obs-plugins/64bit/chrome_elf.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
obs-plugins/64bit/coreaudio-encoder.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral12
Sample
obs-plugins/64bit/coreaudio-encoder.dll
Resource
win10v2004-20231222-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
obs-plugins/64bit/decklink-captions.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral14
Sample
obs-plugins/64bit/decklink-captions.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
obs-plugins/64bit/decklink-output-ui.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral16
Sample
obs-plugins/64bit/decklink-output-ui.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
obs-plugins/64bit/decklink.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral18
Sample
obs-plugins/64bit/decklink.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
obs-plugins/64bit/frontend-tools.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral20
Sample
obs-plugins/64bit/frontend-tools.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
obs-plugins/64bit/image-source.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral22
Sample
obs-plugins/64bit/image-source.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
obs-plugins/64bit/libEGL.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral24
Sample
obs-plugins/64bit/libEGL.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
obs-plugins/64bit/libGLESv2.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral26
Sample
obs-plugins/64bit/libGLESv2.dll
Resource
win10v2004-20231222-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
obs-plugins/64bit/libcef.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral28
Sample
obs-plugins/64bit/libcef.dll
Resource
win10v2004-20231222-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
obs-plugins/64bit/obs-browser-page.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral30
Sample
obs-plugins/64bit/obs-browser-page.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
obs-plugins/64bit/obs-browser.dll
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral32
Sample
obs-plugins/64bit/obs-browser.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
General
-
Target
obs-plugins/64bit/libGLESv2.dll
-
Size
6.2MB
-
MD5
30bb883e79514875d7a6d1134612347a
-
SHA1
f7b0555affaa47e0a86732561595913f8cbf2ca2
-
SHA256
d09f4379828a0487a6af24dad7cc8ec68b03bdf5a094067f609db5adc8efa44c
-
SHA512
a7d45c219e89672a33d6fd629c8f6003e419dfae6ce9fb86c1fe11ce244724ff65df6b7ddc8360b0e47c2f14ec167261933f3c4908ffe43cdbce4d62977101b9
-
SSDEEP
49152:ZIr6m257PMPb04nJGowmHlQQCIkHKxf1xvOGdlJUqkAY6rwT9a5czej/B4RrbhW:V+sDq2+lEsKizqcGss8+1K
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 1312 wrote to memory of 1716 1312 rundll32.exe 28 PID 1312 wrote to memory of 1716 1312 rundll32.exe 28 PID 1312 wrote to memory of 1716 1312 rundll32.exe 28