Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    25-06-2024 18:12

General

  • Target

    Lossless Scaling 2.9/Shaders/NIS.cso

  • Size

    26KB

  • MD5

    8e9a02fcd42a22ff0e24bae4ccb57867

  • SHA1

    9ffc772d63e870035c6333f30c458fba70e48c6c

  • SHA256

    90600dc728c3dae6daf0878c183e374508d77e4d6eb11124d817a5d6e132fa71

  • SHA512

    5f8b6dd6b5db99c8c0b6dd4b6cec2206db2c371c060306ec3cafc0bc78f605ad58c50659ea2d1c3c5e83f661d194fc0ecc2d2a53209b85d8b7aa6b1dc4738cd7

  • SSDEEP

    192:gJ7cccyrPMsUO3vUSQlu2Qk5NSVvb04Yn/6K6ynCkC0iEiUrUz08f4GdWZvi9kSZ:c7/1r3GwAQVsIB

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Lossless Scaling 2.9\Shaders\NIS.cso"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:956
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Lossless Scaling 2.9\Shaders\NIS.cso
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2720
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Lossless Scaling 2.9\Shaders\NIS.cso"
        3⤵
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2876

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    48f8c9f98dd2d9f5fb280bbfc2767f51

    SHA1

    5455ad2b6b81baad08258edd8e3e779526d12710

    SHA256

    8f873dbd21f11583e3f117e62b12351a2229ef81c010e2ac825d29aa9d4d63a2

    SHA512

    ec8b7d6e1b76b53a67e2e107b6cd9013eb9655232818ea9a1aca22b8d173ca3dea0fc038faae337073cafa04213925b5b73c6c7ba9fa8251c18ef13ab45b1351