Overview
overview
7Static
static
4Amcrest Su...24.exe
windows7-x64
7Amcrest Su...24.exe
windows10-2004-x64
7Amcrest Su...80.dll
windows7-x64
1Amcrest Su...80.dll
windows10-2004-x64
1Amcrest Su...00.dll
windows7-x64
1Amcrest Su...00.dll
windows10-2004-x64
1Amcrest Su...40.dll
windows7-x64
1Amcrest Su...40.dll
windows10-2004-x64
1Amcrest Su...80.dll
windows7-x64
1Amcrest Su...80.dll
windows10-2004-x64
1Amcrest Su...00.dll
windows7-x64
1Amcrest Su...00.dll
windows10-2004-x64
1Amcrest Su...10.dll
windows7-x64
1Amcrest Su...10.dll
windows10-2004-x64
1Amcrest Su...80.dll
windows7-x64
1Amcrest Su...80.dll
windows10-2004-x64
1Amcrest Su...er.dll
windows7-x64
1Amcrest Su...er.dll
windows10-2004-x64
1Amcrest Su...11.dll
windows7-x64
3Amcrest Su...11.dll
windows10-2004-x64
3Amcrest Su...11.dll
windows7-x64
3Amcrest Su...11.dll
windows10-2004-x64
3Amcrest Su...11.dll
windows7-x64
3Amcrest Su...11.dll
windows10-2004-x64
3Amcrest Su...2d.dll
windows7-x64
1Amcrest Su...2d.dll
windows10-2004-x64
1Amcrest Su...al.dll
windows7-x64
1Amcrest Su...al.dll
windows10-2004-x64
1Amcrest Su...en.dll
windows7-x64
1Amcrest Su...en.dll
windows10-2004-x64
1Amcrest Su...ws.dll
windows7-x64
1Amcrest Su...ws.dll
windows10-2004-x64
1Analysis
-
max time kernel
122s -
max time network
135s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
14/06/2024, 15:12 UTC
Behavioral task
behavioral1
Sample
Amcrest SurveillancePro-Win64_International_IS_V2.003.00AC001.0.R.230524.exe
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral2
Sample
Amcrest SurveillancePro-Win64_International_IS_V2.003.00AC001.0.R.230524.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
Amcrest Surveillance Pro/msvcm80.dll
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral4
Sample
Amcrest Surveillance Pro/msvcm80.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
Amcrest Surveillance Pro/msvcp100.dll
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral6
Sample
Amcrest Surveillance Pro/msvcp100.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
Amcrest Surveillance Pro/msvcp140.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral8
Sample
Amcrest Surveillance Pro/msvcp140.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
Amcrest Surveillance Pro/msvcp80.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral10
Sample
Amcrest Surveillance Pro/msvcp80.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
Amcrest Surveillance Pro/msvcr100.dll
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral12
Sample
Amcrest Surveillance Pro/msvcr100.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
Amcrest Surveillance Pro/msvcr110.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral14
Sample
Amcrest Surveillance Pro/msvcr110.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
Amcrest Surveillance Pro/msvcr80.dll
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral16
Sample
Amcrest Surveillance Pro/msvcr80.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
Amcrest Surveillance Pro/mwReader.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral18
Sample
Amcrest Surveillance Pro/mwReader.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
Amcrest Surveillance Pro/opencv_core2411.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral20
Sample
Amcrest Surveillance Pro/opencv_core2411.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
Amcrest Surveillance Pro/opencv_highgui2411.dll
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral22
Sample
Amcrest Surveillance Pro/opencv_highgui2411.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
Amcrest Surveillance Pro/opencv_imgproc2411.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral24
Sample
Amcrest Surveillance Pro/opencv_imgproc2411.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
Amcrest Surveillance Pro/platforms/qdirect2d.dll
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral26
Sample
Amcrest Surveillance Pro/platforms/qdirect2d.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
Amcrest Surveillance Pro/platforms/qminimal.dll
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral28
Sample
Amcrest Surveillance Pro/platforms/qminimal.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
Amcrest Surveillance Pro/platforms/qoffscreen.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral30
Sample
Amcrest Surveillance Pro/platforms/qoffscreen.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
Amcrest Surveillance Pro/platforms/qwindows.dll
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral32
Sample
Amcrest Surveillance Pro/platforms/qwindows.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
General
-
Target
Amcrest Surveillance Pro/msvcr110.dll
-
Size
829KB
-
MD5
7c3b449f661d99a9b1033a14033d2987
-
SHA1
6c8c572e736bc53d1b5a608d3d9f697b1bb261da
-
SHA256
ae996edb9b050677c4f82d56092efdc75f0addc97a14e2c46753e2db3f6bd732
-
SHA512
a58783f50176e97284861860628cc930a613168be70411fabafbe6970dcccb8698a6d033cfc94edf415093e51f3d6a4b1ee0f38cc81254bdccb7edfa2e4db4f8
-
SSDEEP
24576:I+9BbHqWVFlB7s2ncm9NBrqWJgS0wzsYmyy6OQ:z9d7M3nS0wV
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 2284 wrote to memory of 2084 2284 rundll32.exe 28 PID 2284 wrote to memory of 2084 2284 rundll32.exe 28 PID 2284 wrote to memory of 2084 2284 rundll32.exe 28