356718348bcea435440e1eff66f69846adba5bfcd54c0ef651ddc417fc4b768c | Triage

Submit
Reports

Overview

overview

Static

static

3

x64__setup...xe.dll

windows10-2004-x64

1

x64__setup...ep.exe

windows10-2004-x64

1

x64__setup...PS.dll

windows10-2004-x64

1

x64__setup...pi.dll

windows10-2004-x64

1

x64__setup...np.dll

windows10-2004-x64

4

x64__setup...te.dll

windows10-2004-x64

1

x64__setup...OR.dll

windows10-2004-x64

1

x64__setup...er.dll

windows10-2004-x64

1

x64__setup...xt.dll

windows10-2004-x64

1

x64__setup...al.dll

windows10-2004-x64

1

x64__setup...Is.dll

windows10-2004-x64

1

x64__setup...40.dll

windows7-x64

1

x64__setup...40.dll

windows10-2004-x64

1

x64__setup...ov.dll

windows10-2004-x64

1

x64__setup...re.dll

windows10-2004-x64

1

x64__setup...up.msi

windows7-x64

6

x64__setup...up.msi

windows10-2004-x64

x64__setup...ce.dll

windows10-2004-x64

7

x64__setup...SP.dll

windows10-2004-x64

1

x64__setup...ss.dll

windows10-2004-x64

1

x64__setup...ct.dll

windows10-2004-x64

1

x64__setup...bj.dll

windows10-2004-x64

1

x64__setup...st.dll

windows10-2004-x64

7

x64__setup...ct.dll

windows10-2004-x64

1

x64__setup...in.dll

windows10-2004-x64

1

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
12/07/2024, 06:49

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

x64__setup__build_18957/Sysprep/en-US/sysprep.exe.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

x64__setup__build_18957/Sysprep/sysprep.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

x64__setup__build_18957/fmapi/SEMgrPS.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

x64__setup__build_18957/fmapi/fmapi.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

x64__setup__build_18957/fmapi/sppnp.dll

Resource

win10v2004-20240704-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

x64__setup__build_18957/fmapi/tzautoupdate.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

x64__setup__build_18957/hal/KBDKOR.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

x64__setup__build_18957/hal/duser.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

x64__setup__build_18957/hal/fontext.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

x64__setup__build_18957/hal/hal.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

x64__setup__build_18957/msvcp140/PeopleAPIs.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

x64__setup__build_18957/msvcp140/msvcp140.dll

Resource

win7-20240705-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

x64__setup__build_18957/msvcp140/msvcp140.dll

Resource

win10v2004-20240704-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

x64__setup__build_18957/msvcp140/ngccredprov.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

x64__setup__build_18957/msvcp140/provdatastore.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

x64__setup__build_18957/setup.msi

Resource

win7-20240704-en

persistence privilege_escalation

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral17

Sample

x64__setup__build_18957/setup.msi

Resource

win10v2004-20240709-en

rhadamanthys execution persistence privilege_escalation stealer

windows10-2004-x64

17 signatures

150 seconds

Behavioral task

behavioral18

Sample

x64__setup__build_18957/spoolss/MSAMRNBSource.dll

Resource

win10v2004-20240709-en

persistence privilege_escalation

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral19

Sample

x64__setup__build_18957/spoolss/ReportingCSP.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

x64__setup__build_18957/spoolss/spoolss.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

x64__setup__build_18957/spoolss/stobject.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

x64__setup__build_18957/sysmain/devobj.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

x64__setup__build_18957/sysmain/eapphost.dll

Resource

win10v2004-20240709-en

persistence privilege_escalation

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral24

Sample

x64__setup__build_18957/sysmain/shacct.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

x64__setup__build_18957/sysmain/sysmain.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

x64__setup__build_18957/sysmain/sysmain.dll
Size

982KB
MD5

6c608c28f3469a3fbb1fc762945aed44
SHA1

250e0a04f55b8bcf10b18bd343fc2fe648f8e6b8
SHA256

07f5694d440b9807db933e7091bc002c395b99f01a4423316118f1a860b60c1e
SHA512

11af42558f371a7a98b92f32eb441de6f7afa53b294494c7ad6e4c65f84594427da2d1c60b55bec084e8d097f597fba9e12711b9b01d48388d5143be028c5c23
SSDEEP

24576:gufcVZxYDn1sanpd1fwUFMPsisHvoIgbRGd:8s71smFfwUqPsHeG

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\x64__setup__build_18957\sysmain\sysmain.dll
1⤵
PID:2984

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy