88977075356dc9e4c81ff59e5ffc004ab3d62070c1062ce7b690a941d5328090 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

SSDRM_for_...le.exe

windows7-x64

3

SSDRM_for_...le.exe

windows10-2004-x64

3

$PLUGINSDI...md.dll

windows7-x64

3

$PLUGINSDI...md.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

PCWProtect...ce.exe

windows7-x64

7

PCWProtect...ce.exe

windows10-2004-x64

7

GDISpyB.sys

windows7-x64

1

GDISpyB.sys

windows10-2004-x64

1

PCW.dll

windows7-x64

1

PCW.dll

windows10-2004-x64

1

PCW64.dll

windows7-x64

7

PCW64.dll

windows10-2004-x64

7

PCWProtectorB.exe

windows7-x64

1

PCWProtectorB.exe

windows10-2004-x64

1

PCWProtectorDummy.exe

windows7-x64

1

PCWProtectorDummy.exe

windows10-2004-x64

1

PCWProtect...64.exe

windows7-x64

1

PCWProtect...64.exe

windows10-2004-x64

1

PCWProtect...4B.exe

windows7-x64

5

PCWProtect...4B.exe

windows10-2004-x64

5

PCWProtect...eB.exe

windows7-x64

1

PCWProtect...eB.exe

windows10-2004-x64

1

PCWUpdater.exe

windows7-x64

7

PCWUpdater.exe

windows10-2004-x64

7

PCWUpdater64.exe

windows7-x64

7

PCWUpdater64.exe

windows10-2004-x64

7

PscMng.exe

windows7-x64

1

PscMng.exe

windows10-2004-x64

1

RDUtil.dll

windows7-x64

1

RDUtil.dll

windows10-2004-x64

1

Analysis

max time kernel
150s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
24-04-2024 14:07

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

SSDRM_for_mySingle.exe

Resource

win7-20231129-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

SSDRM_for_mySingle.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/ExecCmd.dll

Resource

win7-20240215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/ExecCmd.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/System.dll

Resource

win7-20231129-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

PCWProtectorSetup_Voice_Service.exe

Resource

win7-20240221-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral8

Sample

PCWProtectorSetup_Voice_Service.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral9

Sample

GDISpyB.sys

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

GDISpyB.sys

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

PCW.dll

Resource

win7-20231129-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral12

Sample

PCW.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral13

Sample

PCW64.dll

Resource

win7-20240221-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral14

Sample

PCW64.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral15

Sample

PCWProtectorB.exe

Resource

win7-20240220-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral16

Sample

PCWProtectorB.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral17

Sample

PCWProtectorDummy.exe

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral18

Sample

PCWProtectorDummy.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral19

Sample

PCWProtectorDummy64.exe

Resource

win7-20231129-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral20

Sample

PCWProtectorDummy64.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral21

Sample

PCWProtectorService64B.exe

Resource

win7-20240221-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral22

Sample

PCWProtectorService64B.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral23

Sample

PCWProtectorServiceB.exe

Resource

win7-20240215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral24

Sample

PCWProtectorServiceB.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral25

Sample

PCWUpdater.exe

Resource

win7-20240221-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral26

Sample

PCWUpdater.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral27

Sample

PCWUpdater64.exe

Resource

win7-20240221-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral28

Sample

PCWUpdater64.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral29

Sample

PscMng.exe

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral30

Sample

PscMng.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral31

Sample

RDUtil.dll

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral32

Sample

RDUtil.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

GDISpyB.sys
Size

39KB
MD5

5cf9e58c41f6b23cfd51cfd2bb843f99
SHA1

f7e2a97188c3e343e4210cf4f8618a16dc2c30f8
SHA256

02113d24b82ec4fd61371f5ceef5fbcf6250d540137c34ba31566f1a6c089c7f
SHA512

f16101f8bc6179de21af2ec6b29dfd1b70c618c5b4a4260a5c23c362d849232b14a9d3d99bc039ae78ef843423297af166434d8b582c487a5ec91c8ecfd3f223
SSDEEP

384:Us+eQb89MP+TPTUYKCwrRt3ayaGBYA7e8Fst3MN4ZvQ094hKulmBqB3j:UslQb6MP+TPTU/5Rt3ayD/78JI/oIz

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\GDISpyB.sys
1⤵
PID:3076
- C:\Users\Admin\AppData\Local\Temp\GDISpyB.sys
  C:\Users\Admin\AppData\Local\Temp\GDISpyB.sys
  2⤵
  PID:2544

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2544-0-0x0000000000010000-0x0000000000019F00-memory.dmp

Filesize
39KB

Download

© 2018-2025

Terms | Privacy