75b5599f00d4ef27851cebbbdab901b2761cf918cb44573492f22b73e3096453

Submit
Reports

Overview

overview

Static

static

Content.Wa...ty.dll

windows7-x64

Content.Wa...ty.dll

windows10-2004-x64

Content.Wa...er.dll

windows7-x64

Content.Wa...er.dll

windows10-2004-x64

Content.Wa...me.dll

windows7-x64

Content.Wa...me.dll

windows10-2004-x64

Content.Wa...me.dll

windows7-x64

Content.Wa...me.dll

windows10-2004-x64

Content.Wa...et.dll

windows7-x64

Content.Wa...et.dll

windows10-2004-x64

Content.Wa...ib.dll

windows7-x64

Content.Wa...ib.dll

windows10-2004-x64

Content.Wa...rd.dll

windows7-x64

Content.Wa...rd.dll

windows10-2004-x64

Content.Wa...ld.dll

windows7-x64

Content.Wa...ld.dll

windows10-2004-x64

Content.Wa...me.dll

windows7-x64

Content.Wa...me.dll

windows10-2004-x64

Content.Wa...rp.dll

windows7-x64

Content.Wa...rp.dll

windows10-2004-x64

Content.Wa...In.dll

windows7-x64

Content.Wa...In.dll

windows10-2004-x64

Content.Wa...on.dll

windows7-x64

Content.Wa...on.dll

windows10-2004-x64

Content.Wa...dk.dll

windows7-x64

Content.Wa...dk.dll

windows10-2004-x64

Content.Wa...ed.dll

windows7-x64

Content.Wa...ed.dll

windows10-2004-x64

Content.Wa...pv.dll

windows7-x64

Content.Wa...pv.dll

windows10-2004-x64

Content.Wa...on.dll

windows7-x64

Content.Wa...on.dll

windows10-2004-x64

Analysis

max time kernel
104s
max time network
205s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
12-04-2024 22:21

Sharing

Copy URL

Twitter E-mail

Static task

static1

blackguard

2 signatures

Behavioral task

behavioral1

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/Zorro.PhotonUtility.dll

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/Zorro.PhotonUtility.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/Zorro.Recorder.dll

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/Zorro.Recorder.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/Zorro.Settings.Runtime.dll

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/Zorro.Settings.Runtime.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/Zorro.UI.Runtime.dll

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/Zorro.UI.Runtime.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/com.rlabrecque.steamworks.net.dll

Resource

win7-20240319-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/com.rlabrecque.steamworks.net.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/mscorlib.dll

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/mscorlib.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/netstandard.dll

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/netstandard.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/pworld.dll

Resource

win7-20240215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/pworld.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/sc.posteffects.runtime.dll

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/sc.posteffects.runtime.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/websocket-sharp.dll

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Managed/websocket-sharp.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Plugins/x86_64/AudioIn.dll

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Plugins/x86_64/AudioIn.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Plugins/x86_64/audioplugin_phonon.dll

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral24

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Plugins/x86_64/audioplugin_phonon.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Plugins/x86_64/discord_game_sdk.dll

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Plugins/x86_64/discord_game_sdk.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral27

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Plugins/x86_64/lib_burst_generated.dll

Resource

win7-20231129-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral28

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Plugins/x86_64/lib_burst_generated.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Plugins/x86_64/opus_egpv.dll

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral30

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Plugins/x86_64/opus_egpv.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Plugins/x86_64/phonon.dll

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral32

Sample

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Plugins/x86_64/phonon.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

Content.Warning.v1.9.b-0xdeadc0de/Content Warning_Data/Plugins/x86_64/discord_game_sdk.dll
Size

3.7MB
MD5

a70393adb60ba6f2e55aef6e6fdd18da
SHA1

5bd9ad15ecf6a60f0a2ebccad8a890e792f0e021
SHA256

e95e8d46087b846396c340b299fc20295a9aa79e328d2265e45d05ddc8782a0e
SHA512

f0d66508699106008ae3296cf5b795ee83e99152267863bd4062321f2646ddfe99c9bd52922ab410aeba45b0a7c24c4f525bed6938dcf1a702c6d6edea74d13d
SSDEEP

49152:Er3bGelmX4fb86zSY14Bwc9yQkqdvca0psNH0MUpDWxjupPfHS2XSgRenP8H9cso:/t2Wano+vp

Score

1^/10

Malware Config

Signatures

Modifies registry class 1 IoCs

Processes:

rundll32.exe

description ioc process

Key created \REGISTRY\USER\S-1-5-21-1826666146-2574340311-1877551059-1000_Classes\Local Settings rundll32.exe
Suspicious use of SetWindowsHookEx 1 IoCs

Processes:

OpenWith.exe

pid process

4768 OpenWith.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-1826666146-2574340311-1877551059-1000_Classes\Local Settings	rundll32.exe

pid	process
4768	OpenWith.exe

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Content.Warning.v1.9.b-0xdeadc0de\Content Warning_Data\Plugins\x86_64\discord_game_sdk.dll",#1
1⤵
- Modifies registry class
PID:4368

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Suspicious use of SetWindowsHookEx
PID:4768

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads