Overview

overview

7

Static

static

7

SteelSerie...64.dll

windows7-x64

1

SteelSerie...64.dll

windows10-2004-x64

1

SteelSerie...64.dll

windows7-x64

1

SteelSerie...64.dll

windows10-2004-x64

1

SteelSerie...64.dll

windows7-x64

1

SteelSerie...64.dll

windows10-2004-x64

1

SteelSerie...64.dll

windows7-x64

1

SteelSerie...64.dll

windows10-2004-x64

1

SteelSerie...64.dll

windows7-x64

1

SteelSerie...64.dll

windows10-2004-x64

1

SteelSerie...64.dll

windows7-x64

1

SteelSerie...64.dll

windows10-2004-x64

1

SteelSerie...64.dll

windows7-x64

1

SteelSerie...64.dll

windows10-2004-x64

1

SteelSerie...64.dll

windows7-x64

1

SteelSerie...64.dll

windows10-2004-x64

1

SteelSerie...64.dll

windows7-x64

1

SteelSerie...64.dll

windows10-2004-x64

1

SteelSerie...64.dll

windows7-x64

1

SteelSerie...64.dll

windows10-2004-x64

1

SteelSerie...64.dll

windows7-x64

1

SteelSerie...64.dll

windows10-2004-x64

1

SteelSerie...64.dll

windows7-x64

1

SteelSerie...64.dll

windows10-2004-x64

1

SteelSerie...64.dll

windows7-x64

1

SteelSerie...64.dll

windows10-2004-x64

1

SteelSerie...64.dll

windows7-x64

1

SteelSerie...64.dll

windows10-2004-x64

1

SteelSerie...64.dll

windows7-x64

1

SteelSerie...64.dll

windows10-2004-x64

1

SteelSerie...64.dll

windows7-x64

1

SteelSerie...64.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    132s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-04-2024 06:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SteelSeries/GG/cvgamesense/cvevent/games/rainbow_six_siege/__init__.cp310-win_amd64.dll

  • Size

    182KB

  • MD5

    ddef71bb090974034e46008fa8cded47

  • SHA1

    137d45f3344adebfe222c8337e616eb2e8ca1619

  • SHA256

    34fbdca5c04f0f6ba79246c19240f6b527c8445bec9b9fe1c644d6900583416c

  • SHA512

    46614644527019a58b2d2936cbe8e7ca031ba866129686c1df8b46c83a13e8969bb086617c815fd6436a5905506f12ae2173c010d6c3e3a060e54a57382f0b22

  • SSDEEP

    3072:dJRBZBrSCMyS2JYLo7fvsYlC0qyRq6NJ+FlkiKs80X/wqdww3hhz1j:dJvzrSCrzYMjpt5iM0XYjchhh

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\SteelSeries\GG\cvgamesense\cvevent\games\rainbow_six_siege\__init__.cp310-win_amd64.dll,#1
    1⤵
      PID:4836
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:4820
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:2580

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/2580-0-0x000001D460E80000-0x000001D460E90000-memory.dmp
        Filesize

        64KB

        Download
      • memory/2580-16-0x000001D460F80000-0x000001D460F90000-memory.dmp
        Filesize

        64KB

        Download
      • memory/2580-32-0x000001D4692F0000-0x000001D4692F1000-memory.dmp
        Filesize

        4KB

        Download
      • memory/2580-34-0x000001D469320000-0x000001D469321000-memory.dmp
        Filesize

        4KB

        Download
      • memory/2580-35-0x000001D469320000-0x000001D469321000-memory.dmp
        Filesize

        4KB

        Download
      • memory/2580-36-0x000001D469430000-0x000001D469431000-memory.dmp
        Filesize

        4KB

        Download