Analysis

  • max time kernel
    105s
  • max time network
    110s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240709-en
  • resource tags
    arch:x64, arch:x86, image:win11-20240709-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    10/07/2024, 15:17

Errors

  • Reason
    Machine shutdown (the guest VM shut down during the run, so behaviour after that point was not recorded and the sections below cover only the part of the run before it)

General

  • Target

    VCDSLoader.exe

  • Size

    2.6MB

  • MD5

    66fec23675aa9ad15d413b1631ca78f5

  • SHA1

    4a636cdc9ffe92ab5cf73634948e9a02d9524db1

  • SHA256

    179cd43c2b87414e394a511cead872c1cd3ca35811b3609f704874a656fc9b01

  • SHA512

    73360335f04fbfdbc98febdcdd6709c660a045f0765f389796eefd1e8e1decf346e97a98feab11e63371d2d89e8e7b64c888930093b2dcb602e191d52e681607

  • SSDEEP

    49152:zE5ZT77/MV2zS9U7fQnpB+24TkjMn4UcnHM0q7iTdveR20GXRUKiU049WY13hmND:MTvS9U7fKpB+wjM49Hpq7iTdGkrXRUKu
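Before trusting this report for a file you hold locally, confirm that the file is the same object the sandbox ran. The following is an added example, not part of the report or of any sandbox tooling: it hashes a local file with all four algorithms listed above in a single pass and compares every digest to the published values. It treats a partial match (for instance MD5 alone) as a mismatch, since MD5 and SHA-1 collisions are practical and only agreement on SHA-256/SHA-512 ties a file to this report. The script name and the command-line usage are assumptions.

```python
import hashlib
import sys

# Digests copied from the General section of the report above.
REPORTED_HASHES = {
    "md5": "66fec23675aa9ad15d413b1631ca78f5",
    "sha1": "4a636cdc9ffe92ab5cf73634948e9a02d9524db1",
    "sha256": "179cd43c2b87414e394a511cead872c1cd3ca35811b3609f704874a656fc9b01",
    "sha512": "73360335f04fbfdbc98febdcdd6709c660a045f0765f389796eefd1e8e1decf346e97a98feab11e63371d2d89e8e7b64c888930093b2dcb602e191d52e681607",
}
ALGORITHMS = tuple(REPORTED_HASHES)


def compute_hashes(data: bytes) -> dict:
    """Digest an in-memory buffer with every algorithm the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Stream a file through all four hashers at once, so the sample is read only once."""
    hashers = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def compare_to_report(computed: dict, reported: dict = REPORTED_HASHES) -> dict:
    """Per-algorithm match result; hex digests are compared case-insensitively."""
    return {alg: computed.get(alg, "").lower() == reported[alg].lower() for alg in reported}


def is_same_sample(computed: dict, reported: dict = REPORTED_HASHES) -> bool:
    """True only when every listed digest matches.

    A partial match is a mismatch: MD5 and SHA-1 collisions are practical, so the
    report is only taken to describe this file when SHA-256 and SHA-512 agree too.
    """
    return all(compare_to_report(computed, reported).values())


if __name__ == "__main__":
    # Assumed usage: python check_hashes.py <path-to-local-sample>
    digests = hash_file(sys.argv[1])
    for alg, ok in compare_to_report(digests).items():
        print(f"{alg:6s} {'match' if ok else 'MISMATCH'}  {digests[alg]}")
    sys.exit(0 if is_same_sample(digests) else 1)
```

A non-zero exit status means the local file is not the object behind this report, even if one of the weaker digests happens to agree.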

Score
1/10

Malware Config

Signatures

  • Modifies data under HKEY_USERS 15 IoCs (raised by LogonUI.exe, PID 4848, not by the sample)
  • Suspicious behavior: EnumeratesProcesses 2 IoCs (raised by VCDSLoader.exe, PID 4292)
  • Suspicious use of SetWindowsHookEx 1 IoCs (raised by LogonUI.exe, PID 4848, not by the sample)

LogonUI.exe is the Windows logon user-interface host, a system process that runs around logon and shutdown; the process tree below attributes the HKEY_USERS writes and the hook installation to it, so the only signature attributable to VCDSLoader.exe itself is process enumeration.

Processes

  • C:\Users\Admin\AppData\Local\Temp\VCDSLoader.exe
    "C:\Users\Admin\AppData\Local\Temp\VCDSLoader.exe"
    • Suspicious behavior: EnumeratesProcesses
    PID:4292
  • C:\Windows\system32\LogonUI.exe
    "LogonUI.exe" /flags:0x4 /state0:0xa3a1e055 /state1:0x41c64e6d
    • Modifies data under HKEY_USERS
    • Suspicious use of SetWindowsHookEx
    PID:4848

Both processes are top-level entries in the tree; LogonUI.exe is not a child of the sample.

Network

MITRE ATT&CK Matrix

Downloads

  • memory/4292-0-0x0000000000400000-0x00000000008A8000-memory.dmp
    Filesize
    4.7MB
  • memory/4292-1-0x0000000002610000-0x0000000002611000-memory.dmp
    Filesize
    4KB
  • memory/4292-2-0x0000000000400000-0x00000000008A8000-memory.dmp
    Filesize
    4.7MB
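The dump names above encode the PID, a capture index and the virtual address range of each region, and two of the three captures cover the same range. The following is an added example, not part of the report: it parses those names, recomputes each region's size so the listed file sizes can be checked, and groups captures by region so a repeated capture of the main module image (the range starting at 0x400000, the default image base for a 32-bit executable, which matches the arch:x86 tag) stands out as a candidate for diffing. The regular expression and the helper names are assumptions about this naming layout, derived only from the three names listed here.

```python
import re
from collections import defaultdict

# Dump file names copied from the Downloads section of the report above.
DUMP_NAMES = [
    "memory/4292-0-0x0000000000400000-0x00000000008A8000-memory.dmp",
    "memory/4292-1-0x0000000002610000-0x0000000002611000-memory.dmp",
    "memory/4292-2-0x0000000000400000-0x00000000008A8000-memory.dmp",
]

# Assumed layout: memory/<pid>-<capture index>-<start address>-<end address>-memory.dmp
DUMP_RE = re.compile(
    r"^memory/(?P<pid>\d+)-(?P<idx>\d+)-0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)

# Default image base the Microsoft linker assigns to a 32-bit executable; the
# report tags the sample arch:x86, so a region starting here is the main module.
DEFAULT_X86_IMAGE_BASE = 0x400000


def parse_dump_name(name: str) -> dict:
    """Split one dump name into pid, capture index, address range and byte size."""
    m = DUMP_RE.match(name)
    if m is None:
        raise ValueError(f"not a sandbox memory dump name: {name!r}")
    start, end = int(m["start"], 16), int(m["end"], 16)
    if end <= start:
        raise ValueError(f"empty or inverted address range in {name!r}")
    return {
        "pid": int(m["pid"]),
        "index": int(m["idx"]),
        "start": start,
        "end": end,
        "size": end - start,
    }


def fmt_size(n: int) -> str:
    """Render a byte count the way the report does: one decimal in MB, whole KB below 1 MB."""
    if n >= 1 << 20:
        return f"{n / (1 << 20):.1f}MB"
    return f"{n / 1024:.0f}KB"


def group_by_region(names) -> dict:
    """Map (pid, start, end) to the sorted capture indices that cover that region."""
    regions = defaultdict(list)
    for d in map(parse_dump_name, names):
        regions[(d["pid"], d["start"], d["end"])].append(d["index"])
    return {k: sorted(v) for k, v in regions.items()}


def summarize(names) -> list:
    """One line per distinct region, flagging the main module image and repeated captures."""
    lines = []
    for (pid, start, end), idxs in group_by_region(names).items():
        tag = " main-module-image" if start == DEFAULT_X86_IMAGE_BASE else ""
        if len(idxs) > 1:
            tag += " repeated-capture(diff these)"
        lines.append(f"pid {pid} 0x{start:x}-0x{end:x} {fmt_size(end - start)} captures={idxs}{tag}")
    return lines


if __name__ == "__main__":
    for line in summarize(DUMP_NAMES):
        print(line)
```

The recomputed sizes (0x8A8000 - 0x400000 = 0x4A8000 bytes, and 0x1000 bytes) agree with the 4.7MB and 4KB the report lists, and the image region is captured twice (indices 0 and 2), so a byte-level diff of those two files shows what changed in the mapped image between captures.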