14f7b0c1994ddcb34f291f61db1c3a713c2785b489a160aeb273fe88a0d4ad81 | Triage

Submit
Reports

Overview

overview

6

Static

static

3

x64__insta...__.zip

windows7-x64

1

x64__insta...__.zip

windows10-2004-x64

1

__x64___se...__.zip

windows7-x64

1

__x64___se...__.zip

windows10-2004-x64

1

SettingMon...nv.dll

windows10-2004-x64

1

SettingMon...or.dll

windows10-2004-x64

1

SettingMon...vc.dll

windows10-2004-x64

1

SettingMon...df.dll

windows10-2004-x64

1

SettingSyn...nc.dll

windows10-2004-x64

1

SettingSyn...tr.dll

windows10-2004-x64

1

SettingSyn...el.dll

windows10-2004-x64

1

SettingSyn...lg.dll

windows10-2004-x64

1

dab/dab.dll

windows10-2004-x64

1

dab/diagperf.dll

windows10-2004-x64

1

dab/fcon.dll

windows10-2004-x64

1

dab/hal.dll

windows10-2004-x64

1

provcore/ReAgent.dll

windows10-2004-x64

1

provcore/msasn1.dll

windows10-2004-x64

1

provcore/n...er.dll

windows10-2004-x64

1

provcore/provcore.dll

windows10-2004-x64

1

setup.msi

windows7-x64

6

setup.msi

windows10-2004-x64

6

vmrdvcore/mssph.dll

windows10-2004-x64

1

vmrdvcore/...rs.dll

windows10-2004-x64

1

vmrdvcore/tapisrv.dll

windows10-2004-x64

1

vmrdvcore/...re.dll

windows10-2004-x64

1

password.jpg

windows7-x64

3

password.jpg

windows10-2004-x64

3

Resubmissions

08/07/2024, 05:31

240708-f72cxswhmc 7

08/07/2024, 05:21

240708-f192gsthql 6

08/07/2024, 05:17

240708-fy43fswemd 3

Analysis

max time kernel
67s
max time network
74s
platform
windows10-2004_x64
resource
win10v2004-20240704-es
resource tags

arch:x64arch:x86image:win10v2004-20240704-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
08/07/2024, 05:21

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

x64__installer___x32__.zip

Resource

win7-20240705-es

windows7-x64

0 signatures

1200 seconds

Behavioral task

behavioral2

Sample

x64__installer___x32__.zip

Resource

win10v2004-20240508-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral3

Sample

__x64___setup___x32__.zip

Resource

win7-20240705-es

windows7-x64

0 signatures

1200 seconds

Behavioral task

behavioral4

Sample

__x64___setup___x32__.zip

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral5

Sample

SettingMonitor/SessEnv.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral6

Sample

SettingMonitor/SettingMonitor.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral7

Sample

SettingMonitor/pnrpsvc.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral8

Sample

SettingMonitor/uudf.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral9

Sample

SettingSync/SettingSync.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral10

Sample

SettingSync/rasmontr.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral11

Sample

SettingSync/schannel.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral12

Sample

SettingSync/sppcommdlg.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral13

Sample

dab/dab.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral14

Sample

dab/diagperf.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral15

Sample

dab/fcon.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral16

Sample

dab/hal.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral17

Sample

provcore/ReAgent.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral18

Sample

provcore/msasn1.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral19

Sample

provcore/networkhelper.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral20

Sample

provcore/provcore.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral21

Sample

setup.msi

Resource

win7-20240704-es

persistence privilege_escalation

windows7-x64

9 signatures

1200 seconds

Behavioral task

behavioral22

Sample

setup.msi

Resource

win10v2004-20240704-es

persistence privilege_escalation

windows10-2004-x64

9 signatures

1200 seconds

Behavioral task

behavioral23

Sample

vmrdvcore/mssph.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral24

Sample

vmrdvcore/perfctrs.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral25

Sample

vmrdvcore/tapisrv.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral26

Sample

vmrdvcore/vmrdvcore.dll

Resource

win10v2004-20240704-es

windows10-2004-x64

0 signatures

1200 seconds

Behavioral task

behavioral27

Sample

password.jpg

Resource

win7-20240705-es

windows7-x64

2 signatures

1200 seconds

Behavioral task

behavioral28

Sample

password.jpg

Resource

win10v2004-20240704-es

windows10-2004-x64

1 signatures

1200 seconds

Report Analysis Logs

General

Target

vmrdvcore/vmrdvcore.dll
Size

448KB
MD5

c13f52b8a6dad68ea53449f82656b0ff
SHA1

8b71c7aeb4e31152c275fa4c1ca392dc87154406
SHA256

205d81f292a54c6583e4dffc26922690e5771cb9cbcdea8193f3b37a5deb50b0
SHA512

2a22a55a9dcb94424c07a1209e1daa85532be7a4b30f8ae9848772518ca0ff932ac171661057f73e39a22433f09cec5e8a9be9792b8c25c7d550643ac2d582dc
SSDEEP

6144:s/QgOQa/pXgnyqe+YP6CJSJ/MWF++WbhT+0WPSn0Eh3qLBp5HVVTClD83FLOsxtw:sHYSYPR6/z+Z5DOBpF//7/Y5

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\vmrdvcore\vmrdvcore.dll,#1
1⤵
PID:4608

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy