Overview

overview

7

Static

static

3

RTSSSetup736.exe

windows7-x64

7

RTSSSetup736.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...st.dll

windows7-x64

3

$PLUGINSDI...st.dll

windows10-2004-x64

3

$PLUGINSDI...64.dll

windows7-x64

1

$PLUGINSDI...64.dll

windows10-2004-x64

1

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...rd.bmp

windows7-x64

3

$PLUGINSDI...rd.bmp

windows10-2004-x64

7

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$R0.dll

windows7-x64

1

$R0.dll

windows10-2004-x64

1

Codec/rtvcvfw32.dll

windows7-x64

1

Codec/rtvcvfw32.dll

windows10-2004-x64

1

DesktopOve...st.exe

windows7-x64

1

DesktopOve...st.exe

windows10-2004-x64

1

DesktopOve...er.exe

windows7-x64

3

DesktopOve...er.exe

windows10-2004-x64

7

EncoderServer.cfg

windows7-x64

3

EncoderServer.cfg

windows10-2004-x64

3

EncoderServer.exe

windows7-x64

1

EncoderServer.exe

windows10-2004-x64

1

EncoderServer64.exe

windows7-x64

1

EncoderServer64.exe

windows10-2004-x64

1

RTFC.dll

windows7-x64

3

RTFC.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    159s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-06-2024 12:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    RTSSSetup736.exe

  • Size

    16.0MB

  • MD5

    f57c07115788603cf14320f2632f6668

  • SHA1

    28f8643ec2cccaa623f045912453fc299a48f141

  • SHA256

    941cc44f629086310dba8c9e96ab55994f230eef6917a2e70ec6c9b698154d88

  • SHA512

    c89ceff65565872a9b5b4d0d5eee27707f60da8d1dabbfd584ab08703923ec516d085e4da2be9c733b1908402d91b61af05754135715985fa92066691158c956

  • SSDEEP

    393216:qFBK2BtyEcwROqvt3RQVDDdnnao1aQKT0+FTQP28uci:q7BUEcwRdv9RQJxna3A+VQPzi

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\RTSSSetup736.exe
    "C:\Users\Admin\AppData\Local\Temp\RTSSSetup736.exe"
    1⤵
    • Loads dropped DLL
    PID:3524
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1428 --field-trial-handle=2264,i,15001568551143786084,90255922961447677,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:2716

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\nsr3BEC.tmp\LangDLL.dll
      Filesize

      5KB

      MD5

      08de81a4584f5201086f57a7a93ed83b

      SHA1

      266a6ecc8fb7dca115e6915cd75e2595816841a8

      SHA256

      4883cd4231744be2dca4433ef62824b7957a3c16be54f8526270402d9413ebe6

      SHA512

      b72e7cea5ce1f4dc64e65a1f683a3ef9e3fa2dc45cf421f569eb461f1fdcc0caf4ff62a872e62b400579f567c6ff9fc3c2e6e020cdca89d96015502c803a09b9

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\nsr3BEC.tmp\nsDialogs.dll
      Filesize

      9KB

      MD5

      ca5bb0ee2b698869c41c087c9854487c

      SHA1

      4a8abbb2544f1a9555e57a142a147dfeb40c4ca4

      SHA256

      c719697d5ced17d97bbc48662327339ccec7e03f6552aa1d5c248f6fa5f16324

      SHA512

      363a80843d7601ba119bc981c4346188f490b388e3ed390a0667aaf5138b885eec6c69d4e7f60f93b069d6550277f4c926bd0f37bc893928111dc62494124770

      Download Submit