df430e88e62b426b7c75ba29eb28eff3b77714999a28c6f9aa9172085f78cd3a | Triage

Submit
Reports

Overview

overview

7

Static

static

3

Stremio+4.4.165.exe

windows10-2004-x64

7

qmltooling...er.dll

windows10-2004-x64

1

qmltooling...or.dll

windows10-2004-x64

1

qmltooling...al.dll

windows10-2004-x64

1

qmltooling...es.dll

windows10-2004-x64

1

qmltooling...ve.dll

windows10-2004-x64

1

qmltooling...er.dll

windows10-2004-x64

1

qmltooling...ew.dll

windows10-2004-x64

1

qmltooling...er.dll

windows10-2004-x64

1

qmltooling...er.dll

windows10-2004-x64

1

qmltooling...er.dll

windows10-2004-x64

1

qmltooling...cp.dll

windows10-2004-x64

1

resources/...ces.js

windows10-2004-x64

1

resources/...00p.js

windows10-2004-x64

1

resources/...00p.js

windows10-2004-x64

1

scenegraph...nd.dll

windows10-2004-x64

1

server.js

windows10-2004-x64

1

ssleay32.dll

windows10-2004-x64

1

stremio-runtime.exe

windows10-2004-x64

1

stremio.exe

windows10-2004-x64

7

styles/qwi...le.dll

windows10-2004-x64

1

sureware.dll

windows10-2004-x64

1

swresample-3.dll

windows10-2004-x64

1

swscale-5.dll

windows10-2004-x64

1

ubsec.dll

windows10-2004-x64

3

vccorlib140.dll

windows10-2004-x64

3

vcruntime140.dll

windows10-2004-x64

3

virtualkey...ul.dll

windows10-2004-x64

1

virtualkey...nn.dll

windows10-2004-x64

1

virtualkey...in.dll

windows10-2004-x64

1

virtualkey...me.dll

windows10-2004-x64

1

virtualkey...ai.dll

windows10-2004-x64

1

Analysis

max time kernel
219s
max time network
305s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
04-03-2024 00:18

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Stremio+4.4.165.exe

Resource

win10v2004-20240226-en

discovery spyware stealer

windows10-2004-x64

16 signatures

300 seconds

Behavioral task

behavioral2

Sample

qmltooling/qmldbg_debugger.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral3

Sample

qmltooling/qmldbg_inspector.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral4

Sample

qmltooling/qmldbg_local.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral5

Sample

qmltooling/qmldbg_messages.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral6

Sample

qmltooling/qmldbg_native.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral7

Sample

qmltooling/qmldbg_nativedebugger.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral8

Sample

qmltooling/qmldbg_preview.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral9

Sample

qmltooling/qmldbg_profiler.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral10

Sample

qmltooling/qmldbg_quickprofiler.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral11

Sample

qmltooling/qmldbg_server.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral12

Sample

qmltooling/qmldbg_tcp.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral13

Sample

resources/qtwebengine_resources.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

300 seconds

Behavioral task

behavioral14

Sample

resources/qtwebengine_resources_100p.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

300 seconds

Behavioral task

behavioral15

Sample

resources/qtwebengine_resources_200p.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

300 seconds

Behavioral task

behavioral16

Sample

scenegraph/qsgd3d12backend.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral17

Sample

server.js

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

300 seconds

Behavioral task

behavioral18

Sample

ssleay32.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral19

Sample

stremio-runtime.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

300 seconds

Behavioral task

behavioral20

Sample

stremio.exe

Resource

win10v2004-20240226-en

spyware stealer

windows10-2004-x64

9 signatures

300 seconds

Behavioral task

behavioral21

Sample

styles/qwindowsvistastyle.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral22

Sample

sureware.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral23

Sample

swresample-3.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

300 seconds

Behavioral task

behavioral24

Sample

swscale-5.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

300 seconds

Behavioral task

behavioral25

Sample

ubsec.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

300 seconds

Behavioral task

behavioral26

Sample

vccorlib140.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

300 seconds

Behavioral task

behavioral27

Sample

vcruntime140.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

300 seconds

Behavioral task

behavioral28

Sample

virtualkeyboard/qtvirtualkeyboard_hangul.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral29

Sample

virtualkeyboard/qtvirtualkeyboard_openwnn.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral30

Sample

virtualkeyboard/qtvirtualkeyboard_pinyin.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral31

Sample

virtualkeyboard/qtvirtualkeyboard_tcime.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral32

Sample

virtualkeyboard/qtvirtualkeyboard_thai.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

1 signatures

300 seconds

Report Analysis Logs

General

Target

swresample-3.dll
Size

119KB
MD5

2b5d5cd64bfd36dc2626426b622c1d1b
SHA1

0396f99084b1edcd7334b8a4b3770ebc5c3331bb
SHA256

40b7a2e6014b9a96796123eae3f9a4d2d094e09933d967bd0bd60b59fd0253e4
SHA512

eb1f5f535e21b8ebe1ef92b84e9a5ef566b1a00a73d44bd3c612e9f409faec18b346dd2950a857571e73fa66767975dd34a5c973468dab44bc6dbc61dc144d76
SSDEEP

1536:U8t5nQ+N/FETDszapsX9m1uwE/HbyO5x9OY0uua3ebArMgP1nfn3m4NYdo:xt5nQ+NdEfAjHVZebkPx/m4H

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\swresample-3.dll,#1
1⤵
PID:2408

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3888 --field-trial-handle=2264,i,13734085038406049477,12426093271221802693,262144 --variations-seed-version /prefetch:8
1⤵
PID:2576

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy