Overview
overview
7Static
static
3PowerISO v...7z.dll
windows11-21h2-x64
3PowerISO v...ll.dll
windows11-21h2-x64
3PowerISO v...SH.dll
windows11-21h2-x64
1PowerISO v..._1.dll
windows11-21h2-x64
7PowerISO v...VM.exe
windows11-21h2-x64
1PowerISO v...SO.chm
windows11-21h2-x64
1PowerISO v...SO.exe
windows11-21h2-x64
3PowerISO v...on.exe
windows11-21h2-x64
1PowerISO v..._1.exe
windows11-21h2-x64
1PowerISO v...nc.dll
windows11-21h2-x64
3PowerISO v...AC.dll
windows11-21h2-x64
3PowerISO v...is.dll
windows11-21h2-x64
3PowerISO v...so.exe
windows11-21h2-x64
1PowerISO v...64.exe
windows11-21h2-x64
1PowerISO v...ws.dll
windows11-21h2-x64
1PowerISO v...ar.dll
windows11-21h2-x64
3PowerISO v...64.dll
windows11-21h2-x64
1PowerISO v...ll.dll
windows11-21h2-x64
1PowerISO v...SH.dll
windows11-21h2-x64
7PowerISO v...VM.exe
windows11-21h2-x64
1PowerISO v...SO.chm
windows11-21h2-x64
1PowerISO v...SO.exe
windows11-21h2-x64
7PowerISO v...on.exe
windows11-21h2-x64
1PowerISO v...nc.dll
windows11-21h2-x64
1PowerISO v...AC.dll
windows11-21h2-x64
1PowerISO v...is.dll
windows11-21h2-x64
1PowerISO v...so.exe
windows11-21h2-x64
1PowerISO v...64.exe
windows11-21h2-x64
1PowerISO v...64.dll
windows11-21h2-x64
1PowerISO v... 8.exe
windows11-21h2-x64
7$PLUGINSDI...ec.dll
windows11-21h2-x64
3$PLUGINSDI...ry.dll
windows11-21h2-x64
3Analysis
-
max time kernel
150s -
max time network
158s -
platform
windows11-21h2_x64 -
resource
win11-20240426-en -
resource tags
arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system -
submitted
26/05/2024, 10:24
Static task
static1
Behavioral task
behavioral1
Sample
PowerISO v8.8 Portable/App/PowerISO/7z.dll
Resource
win11-20240419-en
windows11-21h2-x64
Behavioral task
behavioral2
Sample
PowerISO v8.8 Portable/App/PowerISO/MACDll.dll
Resource
win11-20240426-en
windows11-21h2-x64
Behavioral task
behavioral3
Sample
PowerISO v8.8 Portable/App/PowerISO/PWRISOSH.dll
Resource
win11-20240426-en
windows11-21h2-x64
Behavioral task
behavioral4
Sample
PowerISO v8.8 Portable/App/PowerISO/PWRISOSH_1.dll
Resource
win11-20240426-en
windows11-21h2-x64
Behavioral task
behavioral5
Sample
PowerISO v8.8 Portable/App/PowerISO/PWRISOVM.exe
Resource
win11-20240508-en
windows11-21h2-x64
Behavioral task
behavioral6
Sample
PowerISO v8.8 Portable/App/PowerISO/PowerISO.chm
Resource
win11-20240426-en
windows11-21h2-x64
Behavioral task
behavioral7
Sample
PowerISO v8.8 Portable/App/PowerISO/PowerISO.exe
Resource
win11-20240426-en
windows11-21h2-x64
Behavioral task
behavioral8
Sample
PowerISO v8.8 Portable/App/PowerISO/devcon.exe
Resource
win11-20240426-en
windows11-21h2-x64
Behavioral task
behavioral9
Sample
PowerISO v8.8 Portable/App/PowerISO/devcon_1.exe
Resource
win11-20240508-en
windows11-21h2-x64
Behavioral task
behavioral10
Sample
PowerISO v8.8 Portable/App/PowerISO/lame_enc.dll
Resource
win11-20240508-en
windows11-21h2-x64
Behavioral task
behavioral11
Sample
PowerISO v8.8 Portable/App/PowerISO/libFLAC.dll
Resource
win11-20240508-en
windows11-21h2-x64
Behavioral task
behavioral12
Sample
PowerISO v8.8 Portable/App/PowerISO/libvorbis.dll
Resource
win11-20240508-en
windows11-21h2-x64
Behavioral task
behavioral13
Sample
PowerISO v8.8 Portable/App/PowerISO/piso.exe
Resource
win11-20240426-en
windows11-21h2-x64
Behavioral task
behavioral14
Sample
PowerISO v8.8 Portable/App/PowerISO/setup64.exe
Resource
win11-20240426-en
windows11-21h2-x64
Behavioral task
behavioral15
Sample
PowerISO v8.8 Portable/App/PowerISO/unicows.dll
Resource
win11-20240426-en
windows11-21h2-x64
Behavioral task
behavioral16
Sample
PowerISO v8.8 Portable/App/PowerISO/unrar.dll
Resource
win11-20240508-en
windows11-21h2-x64
Behavioral task
behavioral17
Sample
PowerISO v8.8 Portable/App/PowerISO64/7z-x64.dll
Resource
win11-20240426-en
windows11-21h2-x64
Behavioral task
behavioral18
Sample
PowerISO v8.8 Portable/App/PowerISO64/MACDll.dll
Resource
win11-20240508-en
windows11-21h2-x64
Behavioral task
behavioral19
Sample
PowerISO v8.8 Portable/App/PowerISO64/PWRISOSH.dll
Resource
win11-20240426-en
windows11-21h2-x64
Behavioral task
behavioral20
Sample
PowerISO v8.8 Portable/App/PowerISO64/PWRISOVM.exe
Resource
win11-20240508-en
windows11-21h2-x64
Behavioral task
behavioral21
Sample
PowerISO v8.8 Portable/App/PowerISO64/PowerISO.chm
Resource
win11-20240426-en
windows11-21h2-x64
Behavioral task
behavioral22
Sample
PowerISO v8.8 Portable/App/PowerISO64/PowerISO.exe
Resource
win11-20240419-en
windows11-21h2-x64
Behavioral task
behavioral23
Sample
PowerISO v8.8 Portable/App/PowerISO64/devcon.exe
Resource
win11-20240426-en
windows11-21h2-x64
Behavioral task
behavioral24
Sample
PowerISO v8.8 Portable/App/PowerISO64/lame_enc.dll
Resource
win11-20240508-en
windows11-21h2-x64
Behavioral task
behavioral25
Sample
PowerISO v8.8 Portable/App/PowerISO64/libFLAC.dll
Resource
win11-20240508-en
windows11-21h2-x64
Behavioral task
behavioral26
Sample
PowerISO v8.8 Portable/App/PowerISO64/libvorbis.dll
Resource
win11-20240508-en
windows11-21h2-x64
Behavioral task
behavioral27
Sample
PowerISO v8.8 Portable/App/PowerISO64/piso.exe
Resource
win11-20240508-en
windows11-21h2-x64
Behavioral task
behavioral28
Sample
PowerISO v8.8 Portable/App/PowerISO64/setup64.exe
Resource
win11-20240426-en
windows11-21h2-x64
Behavioral task
behavioral29
Sample
PowerISO v8.8 Portable/App/PowerISO64/unrar64.dll
Resource
win11-20240426-en
windows11-21h2-x64
Behavioral task
behavioral30
Sample
PowerISO v8.8 Portable/PowerISO 8.exe
Resource
win11-20240426-en
windows11-21h2-x64
Behavioral task
behavioral31
Sample
$PLUGINSDIR/nsExec.dll
Resource
win11-20240508-en
windows11-21h2-x64
Behavioral task
behavioral32
Sample
$PLUGINSDIR/registry.dll
Resource
win11-20240508-en
windows11-21h2-x64
General
-
Target
PowerISO v8.8 Portable/App/PowerISO64/PowerISO.chm
-
Size
445KB
-
MD5
f02e1818b0832d7f691bff21c3936a15
-
SHA1
b382eba0307465e702915d828b90bb800ddb138e
-
SHA256
0ae7759b48541b18cdbfc8c697b81f2561c4345898d20c59d5507dc95ea17130
-
SHA512
bef060034d3e7eb562865abeb44837088e91a9d86c3047894801bf067c168bd55d5114fe817f812daf265b8ff645acd291865bbf79f4c966b36de2c98337d951
-
SSDEEP
6144:MUgv1jJhCsoQAVsudzKSbtJ1EkJ3/Nr7GWgIegNtHiNiSsClV3nf/H0r0r8Qcu87:jsPowkd+SR0kfr7GWgc8QCn3S0Vcyw3
Malware Config
Signatures
-
Suspicious use of SetWindowsHookEx 2 IoCs
pid Process 5068 hh.exe 5068 hh.exe