Overview

overview

7

Static

static

3

SSDRM_for_...le.exe

windows7-x64

3

SSDRM_for_...le.exe

windows10-2004-x64

3

$PLUGINSDI...md.dll

windows7-x64

3

$PLUGINSDI...md.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

PCWProtect...ce.exe

windows7-x64

7

PCWProtect...ce.exe

windows10-2004-x64

7

GDISpyB.sys

windows7-x64

1

GDISpyB.sys

windows10-2004-x64

1

PCW.dll

windows7-x64

1

PCW.dll

windows10-2004-x64

1

PCW64.dll

windows7-x64

7

PCW64.dll

windows10-2004-x64

7

PCWProtectorB.exe

windows7-x64

1

PCWProtectorB.exe

windows10-2004-x64

1

PCWProtectorDummy.exe

windows7-x64

1

PCWProtectorDummy.exe

windows10-2004-x64

1

PCWProtect...64.exe

windows7-x64

1

PCWProtect...64.exe

windows10-2004-x64

1

PCWProtect...4B.exe

windows7-x64

5

PCWProtect...4B.exe

windows10-2004-x64

5

PCWProtect...eB.exe

windows7-x64

1

PCWProtect...eB.exe

windows10-2004-x64

1

PCWUpdater.exe

windows7-x64

7

PCWUpdater.exe

windows10-2004-x64

7

PCWUpdater64.exe

windows7-x64

7

PCWUpdater64.exe

windows10-2004-x64

7

PscMng.exe

windows7-x64

1

PscMng.exe

windows10-2004-x64

1

RDUtil.dll

windows7-x64

1

RDUtil.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-04-2024 14:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PscMng.exe

  • Size

    231KB

  • MD5

    a7f5b19e18c37d940988a7af1f79140b

  • SHA1

    c8b764a422a2d2b2069bb06822f764bc659e4629

  • SHA256

    417645b171e67f17cb839ecd0d7ae5bbc017fba0d9c642a3bbac94f37aa156b1

  • SHA512

    2699b356e1499663631d0f157cba61682d55e47072702c0b9c6e28312ccbde1ed55fa72b6b6a176b8a12dd526108e4dd58dbf5cc4a40f85863974f86e8e17416

  • SSDEEP

    3072:7mtoS+daC87NfTE6MCYNafSy8PArpn7EY8/0jAAaN8JI7vSrjc:6iaC+NAN2Sm8/mAxAr

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\PscMng.exe
    "C:\Users\Admin\AppData\Local\Temp\PscMng.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:3284

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads