356718348bcea435440e1eff66f69846adba5bfcd54c0ef651ddc417fc4b768c | Triage

Submit
Reports

Overview

overview

Static

static

3

x64__setup...xe.dll

windows10-2004-x64

1

x64__setup...ep.exe

windows10-2004-x64

1

x64__setup...PS.dll

windows10-2004-x64

1

x64__setup...pi.dll

windows10-2004-x64

1

x64__setup...np.dll

windows10-2004-x64

4

x64__setup...te.dll

windows10-2004-x64

1

x64__setup...OR.dll

windows10-2004-x64

1

x64__setup...er.dll

windows10-2004-x64

1

x64__setup...xt.dll

windows10-2004-x64

1

x64__setup...al.dll

windows10-2004-x64

1

x64__setup...Is.dll

windows10-2004-x64

1

x64__setup...40.dll

windows7-x64

1

x64__setup...40.dll

windows10-2004-x64

1

x64__setup...ov.dll

windows10-2004-x64

1

x64__setup...re.dll

windows10-2004-x64

1

x64__setup...up.msi

windows7-x64

6

x64__setup...up.msi

windows10-2004-x64

x64__setup...ce.dll

windows10-2004-x64

7

x64__setup...SP.dll

windows10-2004-x64

1

x64__setup...ss.dll

windows10-2004-x64

1

x64__setup...ct.dll

windows10-2004-x64

1

x64__setup...bj.dll

windows10-2004-x64

1

x64__setup...st.dll

windows10-2004-x64

7

x64__setup...ct.dll

windows10-2004-x64

1

x64__setup...in.dll

windows10-2004-x64

1

Analysis

max time kernel
94s
max time network
96s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
12/07/2024, 06:49

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

x64__setup__build_18957/Sysprep/en-US/sysprep.exe.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

x64__setup__build_18957/Sysprep/sysprep.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

x64__setup__build_18957/fmapi/SEMgrPS.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

x64__setup__build_18957/fmapi/fmapi.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

x64__setup__build_18957/fmapi/sppnp.dll

Resource

win10v2004-20240704-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

x64__setup__build_18957/fmapi/tzautoupdate.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

x64__setup__build_18957/hal/KBDKOR.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

x64__setup__build_18957/hal/duser.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

x64__setup__build_18957/hal/fontext.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

x64__setup__build_18957/hal/hal.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

x64__setup__build_18957/msvcp140/PeopleAPIs.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

x64__setup__build_18957/msvcp140/msvcp140.dll

Resource

win7-20240705-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

x64__setup__build_18957/msvcp140/msvcp140.dll

Resource

win10v2004-20240704-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

x64__setup__build_18957/msvcp140/ngccredprov.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

x64__setup__build_18957/msvcp140/provdatastore.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

x64__setup__build_18957/setup.msi

Resource

win7-20240704-en

persistence privilege_escalation

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral17

Sample

x64__setup__build_18957/setup.msi

Resource

win10v2004-20240709-en

rhadamanthys execution persistence privilege_escalation stealer

windows10-2004-x64

17 signatures

150 seconds

Behavioral task

behavioral18

Sample

x64__setup__build_18957/spoolss/MSAMRNBSource.dll

Resource

win10v2004-20240709-en

persistence privilege_escalation

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral19

Sample

x64__setup__build_18957/spoolss/ReportingCSP.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

x64__setup__build_18957/spoolss/spoolss.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

x64__setup__build_18957/spoolss/stobject.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

x64__setup__build_18957/sysmain/devobj.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

x64__setup__build_18957/sysmain/eapphost.dll

Resource

win10v2004-20240709-en

persistence privilege_escalation

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral24

Sample

x64__setup__build_18957/sysmain/shacct.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

x64__setup__build_18957/sysmain/sysmain.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

x64__setup__build_18957/hal/hal.dll
Size

17KB
MD5

01fd720f78d7d72e19ca732a909ae005
SHA1

e542847f226190042cfda60dd8be6266d5e5d4a4
SHA256

9c32cef8fb1d4eb0fcec864617b850594eeeac2fe0163de77aa2f947fba4f3be
SHA512

dada83d0ca3f90d5c1e8facdf8141b7098be241efe2800ae51826c7445cf3c6801f751e9f500400af50a672643439975e85ffac0f9f2f2ed56a3f4729361e959
SSDEEP

384:MkqP8+N5nC+k6yIwws9sCQZWu7kWXddhMDBRJM1x85zR9zF6Nn:qi+aITsGFTdhM1PM109z2n

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\x64__setup__build_18957\hal\hal.dll,#1
1⤵
PID:4340

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy