a77210dc3ae1df36cab033e2b52ca8c656bd5cbc5257a79220526f32f4bf5949 | Triage

Submit
Reports

Overview

overview

8

Static

static

3

Onn Setup2...08.exe

windows10-2004-x64

8

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...in.dll

windows10-2004-x64

1

$PLUGINSDI...zU.dll

windows10-2004-x64

3

CommFunc.dll

windows10-2004-x64

1

DLL3S_UsbA...32.dll

windows10-2004-x64

3

DLL3S_UsbA...64.dll

windows10-2004-x64

1

DLL3S_UsbA...32.dll

windows10-2004-x64

3

DLL3S_UsbA...64.dll

windows10-2004-x64

1

Driver/CommFunc.dll

windows10-2004-x64

1

Driver/DIFxAPI.dll

windows10-2004-x64

1

Driver/DIFxCmd.exe

windows10-2004-x64

1

Driver/HHT...tr.sys

windows10-2004-x64

1

Driver/Mou...vi.sys

windows10-2004-x64

1

Driver/devcon.exe

windows10-2004-x64

1

Driver/x64...PI.dll

windows10-2004-x64

1

Driver/x64...md.exe

windows10-2004-x64

1

Driver/x64...ve.bat

windows10-2004-x64

1

Driver/x64...up.bat

windows10-2004-x64

5

Driver/x64/HHTHid.sys

windows10-2004-x64

1

Driver/x64...tr.sys

windows10-2004-x64

1

Driver/x64...vi.sys

windows10-2004-x64

1

Driver/x64...id.exe

windows10-2004-x64

8

Driver/x64...vi.sys

windows10-2004-x64

1

Driver/x64...vi.sys

windows10-2004-x64

1

Driver/x64/devcon.exe

windows10-2004-x64

1

DrvInDll.dll

windows10-2004-x64

1

DuiLib.dll

windows10-2004-x64

3

HidServ.dll

windows10-2004-x64

1

HookDLL.dll

windows10-2004-x64

1

KbDaemon.exe

windows10-2004-x64

1

Analysis

max time kernel
96s
max time network
200s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
25/05/2024, 22:17

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Onn Setup20240320V1.0.0.8.08.exe

Resource

win10v2004-20240426-en

discovery persistence

windows10-2004-x64

16 signatures

120 seconds

Behavioral task

behavioral2

Sample

$PLUGINSDIR/BgWorker.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

2 signatures

120 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

2 signatures

120 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/nsNiuniuSkin.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

1 signatures

120 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/nsis7zU.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

120 seconds

Behavioral task

behavioral6

Sample

CommFunc.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

1 signatures

120 seconds

Behavioral task

behavioral7

Sample

DLL3S_UsbAudio16xx_Debug_x32.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

120 seconds

Behavioral task

behavioral8

Sample

DLL3S_UsbAudio16xx_Debug_x64.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral9

Sample

DLL3S_UsbAudio16xx_x32.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

2 signatures

120 seconds

Behavioral task

behavioral10

Sample

DLL3S_UsbAudio16xx_x64.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral11

Sample

Driver/CommFunc.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

1 signatures

120 seconds

Behavioral task

behavioral12

Sample

Driver/DIFxAPI.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

1 signatures

120 seconds

Behavioral task

behavioral13

Sample

Driver/DIFxCmd.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral14

Sample

Driver/HHTHidMouFiltr.sys

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral15

Sample

Driver/MouFiltr_Evi.sys

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral16

Sample

Driver/devcon.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral17

Sample

Driver/x64/DIFxAPI.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral18

Sample

Driver/x64/DIFxCmd.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral19

Sample

Driver/x64/Driver_Remove.bat

Resource

win10v2004-20240508-en

windows10-2004-x64

1 signatures

120 seconds

Behavioral task

behavioral20

Sample

Driver/x64/Driver_Setup.bat

Resource

win10v2004-20240508-en

windows10-2004-x64

6 signatures

120 seconds

Behavioral task

behavioral21

Sample

Driver/x64/HHTHid.sys

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral22

Sample

Driver/x64/HHTHidMouFiltr.sys

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral23

Sample

Driver/x64/HidFiltr_Evi.sys

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral24

Sample

Driver/x64/InstallDriver_HHTHid.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

9 signatures

120 seconds

Behavioral task

behavioral25

Sample

Driver/x64/KbFiltr_Evi.sys

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral26

Sample

Driver/x64/MouFiltr_Evi.sys

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral27

Sample

Driver/x64/devcon.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

120 seconds

Behavioral task

behavioral28

Sample

DrvInDll.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

1 signatures

120 seconds

Behavioral task

behavioral29

Sample

DuiLib.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

120 seconds

Behavioral task

behavioral30

Sample

HidServ.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

1 signatures

120 seconds

Behavioral task

behavioral31

Sample

HookDLL.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

120 seconds

Behavioral task

behavioral32

Sample

KbDaemon.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

120 seconds

Report Analysis Logs

General

Target

Driver/x64/MouFiltr_Evi.sys
Size

29KB
MD5

f9d3df95649ae65bda9b22fcc73cca5e
SHA1

ea46d5e138568080fa7c80b7471a7984e7033096
SHA256

9859bbe498b969a0602b64d2eeee300f645713fc3dc5c1ca75954ed6b315a61d
SHA512

7a2b48ca7a51a34eee66f6c35dd2b80004c65ca92d80c4fb436ca330aa23a0e95f7fdd4b8b2b2f358326ed4c53b1d8c34ae19425b89b9599275f14e5226b2b91
SSDEEP

384:JFDu0H0LIWV2fKehIcOUh20rlms4YQz3UnYPL6iUHeMHeoziWPFRTp9fl9TJh:ri0UsecKehIHGlb4PzEhB1zH17h

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Driver\x64\MouFiltr_Evi.sys
1⤵
PID:1544
- C:\Users\Admin\AppData\Local\Temp\Driver\x64\MouFiltr_Evi.sys
  C:\Users\Admin\AppData\Local\Temp\Driver\x64\MouFiltr_Evi.sys
  2⤵
  PID:3628

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3628-0-0x0000000000010000-0x0000000000018000-memory.dmp

Filesize
32KB

Download

© 2018-2025

Terms | Privacy