| Entry | Platform | Score |
| --- | --- | --- |
| Overview | overview | 7 |
| Static | static | 7 |
| virtualdub...up.exe | windows7-x64 | 1 |
| virtualdub...up.exe | windows10-2004-x64 | 1 |
| virtualdub...er.dll | windows7-x64 | 7 |
| virtualdub...er.dll | windows10-2004-x64 | 7 |
| virtualdub...rt.dll | windows7-x64 | 3 |
| virtualdub...rt.dll | windows10-2004-x64 | 3 |
| virtualdub...er.dll | windows7-x64 | 1 |
| virtualdub...er.dll | windows10-2004-x64 | 1 |
| virtualdub...er.dll | windows7-x64 | 7 |
| virtualdub...er.dll | windows10-2004-x64 | 7 |
| audio-filters.html | windows7-x64 | 1 |
| audio-filters.html | windows10-2004-x64 | 1 |
| capwarn.html | windows7-x64 | 1 |
| capwarn.html | windows10-2004-x64 | 1 |
| crash.html | windows7-x64 | 1 |
| crash.html | windows10-2004-x64 | 1 |
| d-audiocom...n.html | windows7-x64 | 1 |
| d-audiocom...n.html | windows10-2004-x64 | 1 |
| d-audiocon...n.html | windows7-x64 | 1 |
| d-audiocon...n.html | windows10-2004-x64 | 1 |
| d-audiofilters.html | windows7-x64 | 1 |
| d-audiofilters.html | windows10-2004-x64 | 1 |
| d-audioint...g.html | windows7-x64 | 1 |
| d-audioint...g.html | windows10-2004-x64 | 1 |
| d-audiovolume.html | windows7-x64 | 1 |
| d-audiovolume.html | windows10-2004-x64 | 1 |
| d-capturep...s.html | windows7-x64 | 1 |
| d-capturep...s.html | windows10-2004-x64 | 1 |
| d-captures...s.html | windows7-x64 | 1 |
| d-captures...s.html | windows10-2004-x64 | 1 |
| d-capturevumeter.html | windows7-x64 | 1 |
| d-capturevumeter.html | windows10-2004-x64 | 1 |

Analysis
- max time kernel: 118s
- max time network: 120s
- platform: windows7_x64
- resource: win7-20231129-en
- resource tags: arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
- submitted: 02/06/2024, 01:05

| Behavioral task | Sample | Resource |
| --- | --- | --- |
| behavioral1 | virtualdubmod/AuxSetup.exe | win7-20240221-en |
| behavioral2 | virtualdubmod/AuxSetup.exe | win10v2004-20240508-en |
| behavioral3 | virtualdubmod/AviSynthLexer.dll | win7-20240508-en |
| behavioral4 | virtualdubmod/AviSynthLexer.dll | win10v2004-20240426-en |
| behavioral5 | virtualdubmod/PlugIns/Smart.dll | win7-20231129-en |
| behavioral6 | virtualdubmod/PlugIns/Smart.dll | win10v2004-20240226-en |
| behavioral7 | virtualdubmod/PlugIns/Subtitler.dll | win7-20240221-en |
| behavioral8 | virtualdubmod/PlugIns/Subtitler.dll | win10v2004-20240508-en |
| behavioral9 | virtualdubmod/SciLexer.dll | win7-20231129-en |
| behavioral10 | virtualdubmod/SciLexer.dll | win10v2004-20240508-en |
| behavioral11 | audio-filters.html | win7-20240221-en |
| behavioral12 | audio-filters.html | win10v2004-20240508-en |
| behavioral13 | capwarn.html | win7-20240419-en |
| behavioral14 | capwarn.html | win10v2004-20240508-en |
| behavioral15 | crash.html | win7-20240221-en |
| behavioral16 | crash.html | win10v2004-20240508-en |
| behavioral17 | d-audiocompression.html | win7-20240221-en |
| behavioral18 | d-audiocompression.html | win10v2004-20240426-en |
| behavioral19 | d-audioconversion.html | win7-20240215-en |
| behavioral20 | d-audioconversion.html | win10v2004-20240508-en |
| behavioral21 | d-audiofilters.html | win7-20240221-en |
| behavioral22 | d-audiofilters.html | win10v2004-20240426-en |
| behavioral23 | d-audiointerleaving.html | win7-20231129-en |
| behavioral24 | d-audiointerleaving.html | win10v2004-20240426-en |
| behavioral25 | d-audiovolume.html | win7-20240221-en |
| behavioral26 | d-audiovolume.html | win10v2004-20240226-en |
| behavioral27 | d-capturepreferences.html | win7-20240419-en |
| behavioral28 | d-capturepreferences.html | win10v2004-20240508-en |
| behavioral29 | d-capturesettings.html | win7-20240508-en |
| behavioral30 | d-capturesettings.html | win10v2004-20240508-en |
| behavioral31 | d-capturevumeter.html | win7-20240508-en |
| behavioral32 | d-capturevumeter.html | win10v2004-20240426-en |

General
- Target: virtualdubmod/PlugIns/Smart.dll
- Size: 44KB
- MD5: 3c1e7aa95258e9a2e0b322b00a1c5578
- SHA1: fb7215ae0067c3400278c49c020122e78d34460a
- SHA256: e9803d20a07354c02daa432addd0de0073c41caa09203c813f5d10097733aa65
- SHA512: 3c2b98cdd2c041d06fde477a6fa084c479a74793bd1bbb2edb0cf20def074a90a9fdfa195d68b854de1b1de19c5b7a34ba22261072894f8dc1b4439796f15c82
- SSDEEP: 768:IOnCrdneFLTrxti8egqfiFojzcoUPhbk:KetTrxtiXto1oEk

Malware Config
Signatures
- Program crash (1 IoCs)

| pid | pid_target | Process | procid_target |
| --- | --- | --- | --- |
| 784 | 2232 | WerFault.exe | 28 |

- Suspicious use of WriteProcessMemory (11 IoCs)

| description | pid | Process | procid_target |
| --- | --- | --- | --- |
| PID 2372 wrote to memory of 2232 | 2372 | rundll32.exe | 28 |
| PID 2372 wrote to memory of 2232 | 2372 | rundll32.exe | 28 |
| PID 2372 wrote to memory of 2232 | 2372 | rundll32.exe | 28 |
| PID 2372 wrote to memory of 2232 | 2372 | rundll32.exe | 28 |
| PID 2372 wrote to memory of 2232 | 2372 | rundll32.exe | 28 |
| PID 2372 wrote to memory of 2232 | 2372 | rundll32.exe | 28 |
| PID 2372 wrote to memory of 2232 | 2372 | rundll32.exe | 28 |
| PID 2232 wrote to memory of 784 | 2232 | rundll32.exe | 29 |
| PID 2232 wrote to memory of 784 | 2232 | rundll32.exe | 29 |
| PID 2232 wrote to memory of 784 | 2232 | rundll32.exe | 29 |
| PID 2232 wrote to memory of 784 | 2232 | rundll32.exe | 29 |

Processes
- C:\Windows\system32\rundll32.exe
  Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\virtualdubmod\PlugIns\Smart.dll,#1
  PID: 2372
  Signatures: Suspicious use of WriteProcessMemory
  - C:\Windows\SysWOW64\rundll32.exe
    Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\virtualdubmod\PlugIns\Smart.dll,#1
    PID: 2232
    Signatures: Suspicious use of WriteProcessMemory
    - C:\Windows\SysWOW64\WerFault.exe
      Command line: C:\Windows\SysWOW64\WerFault.exe -u -p 2232 -s 224
      PID: 784
      Signatures: Program crash