Overview

overview

7

Static

static

3

Stremio+4.4.165.exe

windows10-2004-x64

7

qmltooling...er.dll

windows10-2004-x64

1

qmltooling...or.dll

windows10-2004-x64

1

qmltooling...al.dll

windows10-2004-x64

1

qmltooling...es.dll

windows10-2004-x64

1

qmltooling...ve.dll

windows10-2004-x64

1

qmltooling...er.dll

windows10-2004-x64

1

qmltooling...ew.dll

windows10-2004-x64

1

qmltooling...er.dll

windows10-2004-x64

1

qmltooling...er.dll

windows10-2004-x64

1

qmltooling...er.dll

windows10-2004-x64

1

qmltooling...cp.dll

windows10-2004-x64

1

resources/...ces.js

windows10-2004-x64

1

resources/...00p.js

windows10-2004-x64

1

resources/...00p.js

windows10-2004-x64

1

scenegraph...nd.dll

windows10-2004-x64

1

server.js

windows10-2004-x64

1

ssleay32.dll

windows10-2004-x64

1

stremio-runtime.exe

windows10-2004-x64

1

stremio.exe

windows10-2004-x64

7

styles/qwi...le.dll

windows10-2004-x64

1

sureware.dll

windows10-2004-x64

1

swresample-3.dll

windows10-2004-x64

1

swscale-5.dll

windows10-2004-x64

1

ubsec.dll

windows10-2004-x64

3

vccorlib140.dll

windows10-2004-x64

3

vcruntime140.dll

windows10-2004-x64

3

virtualkey...ul.dll

windows10-2004-x64

1

virtualkey...nn.dll

windows10-2004-x64

1

virtualkey...in.dll

windows10-2004-x64

1

virtualkey...me.dll

windows10-2004-x64

1

virtualkey...ai.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    145s
  • max time network
    259s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04-03-2024 00:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ubsec.dll

  • Size

    13KB

  • MD5

    44f0c7269540e6ca38045cc4febbc63f

  • SHA1

    71b8426b963a0e6ed571c4b00a3ea84a25c61659

  • SHA256

    286e42c19ab6eda3d668b6222a46f981b3f45f8da0fb95e54a06c3c6a5f6056d

  • SHA512

    b37c47073be4fa2b03675004a655a56dfa380691393b82ab2560c61c7111f47f1d92460325c789314ea172d56c3094ed79ed11051fc4d571329d78081994c202

  • SSDEEP

    192:fjq1ixeVI50uWbKaD7qX9B1UbR5BqDe3X7VHpplXS3NBuAq3XGU0o8+:AixYuWbZEQbRT3rVHwdBcH0x

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\ubsec.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\ubsec.dll,#1
      2⤵
        PID:3652
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 3652 -s 628
          3⤵
          • Program crash
          PID:4696
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 3652 -ip 3652
      1⤵
        PID:2756

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads