f3176e0859ba92049dcd57685c1b5f49b97183ff49fcc79f2ce4ad2b31d2d843 | Triage

Submit
Reports

Overview

overview

Static

static

7

Vortax App Setup.exe

windows10-2004-x64

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Accessibility.dll

windows10-2004-x64

1

D3DCompile...r3.dll

windows10-2004-x64

1

DirectWrit...er.dll

windows10-2004-x64

1

Microsoft.CSharp.dll

windows10-2004-x64

1

Microsoft....64.dll

windows10-2004-x64

1

Microsoft....re.dll

windows10-2004-x64

1

Microsoft....ms.dll

windows10-2004-x64

1

Microsoft....ic.dll

windows10-2004-x64

Microsoft....es.dll

windows10-2004-x64

1

Microsoft....ol.dll

windows10-2004-x64

1

Microsoft....ry.dll

windows10-2004-x64

1

Microsoft....ts.dll

windows10-2004-x64

1

PenImc_cor3.dll

windows10-2004-x64

1

PresentationCore.dll

windows10-2004-x64

1

Presentati...re.dll

windows10-2004-x64

1

Presentati...ta.dll

windows10-2004-x64

1

Presentati...ng.dll

windows10-2004-x64

1

Presentati...ml.dll

windows10-2004-x64

1

Presentati...nq.dll

windows10-2004-x64

1

Presentati...ro.dll

windows10-2004-x64

1

Presentati...o2.dll

windows10-2004-x64

1

Presentati...te.dll

windows10-2004-x64

1

Presentati...ic.dll

windows10-2004-x64

1

Presentati...na.dll

windows10-2004-x64

1

Presentati...le.dll

windows10-2004-x64

1

Presentati...rk.dll

windows10-2004-x64

1

Presentati...r3.dll

windows10-2004-x64

1

PresentationUI.dll

windows10-2004-x64

1

Resubmissions

19/07/2024, 16:44

240719-t9bryatfme 10

02/05/2024, 07:54

240502-jrj1gseg96 10

Analysis

max time kernel
131s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
02/05/2024, 07:54

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Vortax App Setup.exe

Resource

win10v2004-20240419-en

hijackloader rhadamanthys stealc discovery loader spyware stealer

windows10-2004-x64

21 signatures

150 seconds

Behavioral task

behavioral2

Sample

$PLUGINSDIR/InstallOptions.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/LangDLL.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

Accessibility.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

D3DCompiler_47_cor3.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

DirectWriteForwarder.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

Microsoft.CSharp.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Microsoft.DiaSymReader.Native.amd64.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

Microsoft.VisualBasic.Core.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

Microsoft.VisualBasic.Forms.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

Microsoft.VisualBasic.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

Microsoft.Win32.Primitives.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

Microsoft.Win32.Registry.AccessControl.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

Microsoft.Win32.Registry.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

Microsoft.Win32.SystemEvents.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

PenImc_cor3.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

PresentationCore.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

PresentationFramework-SystemCore.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

PresentationFramework-SystemData.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

PresentationFramework-SystemDrawing.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

PresentationFramework-SystemXml.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

PresentationFramework-SystemXmlLinq.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

PresentationFramework.Aero.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

PresentationFramework.Aero2.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

PresentationFramework.AeroLite.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

PresentationFramework.Classic.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

PresentationFramework.Luna.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

PresentationFramework.Royale.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

PresentationFramework.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

PresentationNative_cor3.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

PresentationUI.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

PresentationNative_cor3.dll
Size

1.2MB
MD5

274761a595f86982214221b5685b3218
SHA1

b908013028cb07fb799de2e48b6492404add6069
SHA256

6d5910c0a0a4e3ee8863e4dadc73662d28ae9bfcda4a52960e26c1237386851a
SHA512

3f9cf3d8e428619b798374f2e2a6ef9cf4213428277a74306978552772aae1a4a9ae7247c2dc893c0054d480dda871bbd74b0bc4afd65b0f584958d501ed8867
SSDEEP

24576:hS6Z8wCW4XArBKSyuvy/VKg0v7E7lITY7vYUNli1sR/HD0MEWhuoNajzuIWMMMQg:h18wCbArBK3H0v7wITcQUNlf/HDtuog1

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\PresentationNative_cor3.dll,#1
1⤵
PID:4160

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy