941cc44f629086310dba8c9e96ab55994f230eef6917a2e70ec6c9b698154d88 | Triage

Submit
Reports

Overview

overview

8

Static

static

3

RTSSSetup736.exe

windows10-2004-x64

8

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...st.dll

windows10-2004-x64

3

$PLUGINSDI...64.dll

windows10-2004-x64

1

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$R0.dll

windows10-2004-x64

1

Codec/rtvcvfw32.dll

windows10-2004-x64

1

DesktopOve...st.exe

windows10-2004-x64

1

DesktopOve...er.exe

windows10-2004-x64

7

EncoderServer.exe

windows10-2004-x64

1

EncoderServer64.exe

windows10-2004-x64

1

RTFC.dll

windows10-2004-x64

3

RTMUI.dll

windows10-2004-x64

3

RTSS.exe

windows10-2004-x64

1

RTSSHooks.dll

windows10-2004-x64

1

RTSSHooks64.dll

windows10-2004-x64

1

RTSSHooksLoader.exe

windows10-2004-x64

1

RTSSHooksLoader64.exe

windows10-2004-x64

1

RTUI.dll

windows10-2004-x64

3

SaveMedia.dll

windows10-2004-x64

1

SaveMedia64.dll

windows10-2004-x64

1

libmfxsw32.dll

windows10-2004-x64

1

libmfxsw64.dll

windows10-2004-x64

1

Analysis

max time kernel
148s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
04/07/2024, 13:14

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

RTSSSetup736.exe

Resource

win10v2004-20240508-en

discovery persistence privilege_escalation

windows10-2004-x64

24 signatures

600 seconds

Behavioral task

behavioral2

Sample

$PLUGINSDIR/LangDLL.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

600 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/LockedList.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

600 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/LockedList64.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/StartMenu.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

600 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

600 seconds

Behavioral task

behavioral7

Sample

$PLUGINSDIR/nsDialogs.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

2 signatures

600 seconds

Behavioral task

behavioral8

Sample

$R0.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral9

Sample

Codec/rtvcvfw32.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral10

Sample

DesktopOverlayHost.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

3 signatures

600 seconds

Behavioral task

behavioral11

Sample

DesktopOverlayHostLoader.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

6 signatures

600 seconds

Behavioral task

behavioral12

Sample

EncoderServer.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral13

Sample

EncoderServer64.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral14

Sample

RTFC.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

600 seconds

Behavioral task

behavioral15

Sample

RTMUI.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

600 seconds

Behavioral task

behavioral16

Sample

RTSS.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral17

Sample

RTSSHooks.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral18

Sample

RTSSHooks64.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral19

Sample

RTSSHooksLoader.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral20

Sample

RTSSHooksLoader64.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral21

Sample

RTUI.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

600 seconds

Behavioral task

behavioral22

Sample

SaveMedia.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral23

Sample

SaveMedia64.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral24

Sample

libmfxsw32.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral25

Sample

libmfxsw64.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

600 seconds

Report Analysis Logs

General

Target

RTSSHooks64.dll
Size

1.7MB
MD5

286fc8de33e68fa9826c782822a044f2
SHA1

ffb742e751d66467491bb0d6a3779d59b8ec20a3
SHA256

9933e9e768994a268f23bf6d55d110e1cb6b9e9c8b38c7b2544f62099f6c16f9
SHA512

c79a4ef9b4ddb01ea016a612d48833cb80111545e919b5f17d809d3287084addaf657eaa9989a1870c5ae471d093d41f087c6ce034bf1866b10cc1acb37bb6ef
SSDEEP

24576:cfwuSxzFkLuirBvK2BEawUUsext4iCbY9yMNM3g/FTN1EqKYOktCj2:YSxzFkKyBC2RwNNxt45nM63g/FTPc2

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\RTSSHooks64.dll,#1
1⤵
PID:5100

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy