6cd928dbb06199acd086e5cd97c06ce8df59f3e1f6a4e0e021f5a9899c28c6a9 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

SSShim/Cfg...cy.dll

windows10-2004-x64

1

SSShim/ChatApis.dll

windows10-2004-x64

1

SSShim/SSShim.dll

windows10-2004-x64

1

SSShim/com...re.dll

windows10-2004-x64

1

cmdial32/P...st.dll

windows10-2004-x64

1

cmdial32/c...vc.dll

windows10-2004-x64

1

cmdial32/cmdial32.dll

windows10-2004-x64

1

cmdial32/puiapi.dll

windows10-2004-x64

1

dcntel/DafDnsSd.dll

windows10-2004-x64

1

dcntel/DuCsps.dll

windows10-2004-x64

1

dcntel/dcntel.dll

windows10-2004-x64

1

dcntel/kbdnecat.dll

windows10-2004-x64

1

setup.msi

windows7-x64

6

setup.msi

windows10-2004-x64

6

syssetup/S...pi.dll

windows10-2004-x64

1

syssetup/sendmail.dll

windows10-2004-x64

1

syssetup/syssetup.dll

windows10-2004-x64

1

syssetup/vcamp140.dll

windows7-x64

1

syssetup/vcamp140.dll

windows10-2004-x64

1

werconcpl/...et.dll

windows10-2004-x64

1

werconcpl/...p1.dll

windows10-2004-x64

1

werconcpl/ndishc.dll

windows10-2004-x64

7

werconcpl/...pl.dll

windows10-2004-x64

1

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240730-en
resource tags

arch:x64arch:x86image:win10v2004-20240730-enlocale:en-usos:windows10-2004-x64system
submitted
01/08/2024, 21:14

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

SSShim/CfgSPPolicy.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

SSShim/ChatApis.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

SSShim/SSShim.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

SSShim/computecore.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

cmdial32/PrintRenderAPIHost.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

cmdial32/cloudidsvc.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

cmdial32/cmdial32.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

cmdial32/puiapi.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

dcntel/DafDnsSd.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

dcntel/DuCsps.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

dcntel/dcntel.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

dcntel/kbdnecat.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

setup.msi

Resource

win7-20240729-en

discovery persistence privilege_escalation

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral14

Sample

setup.msi

Resource

win10v2004-20240730-en

discovery persistence privilege_escalation

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral15

Sample

syssetup/SensorsApi.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

syssetup/sendmail.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

syssetup/syssetup.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

syssetup/vcamp140.dll

Resource

win7-20240704-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

syssetup/vcamp140.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

werconcpl/Websocket.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

werconcpl/imagesp1.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

werconcpl/ndishc.dll

Resource

win10v2004-20240730-en

persistence privilege_escalation

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral23

Sample

werconcpl/werconcpl.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

SSShim/SSShim.dll
Size

127KB
MD5

87a9f6512140d4e8cf244004b80ee73d
SHA1

e836041852dba214e9e2f75a349628b92280e8a1
SHA256

b7b7a2499f0ac528d925e70a277bba8afc9d7cd226717425133fbb00f1f54020
SHA512

65837577fddbcd01d7fde92afaf7c4acc592e7fe1db6294cfd6c52486996bf43969b1bab22b813f6b0f4d2a302d59cda3138f05836e41c2b5cc8c8c3b9ab4102
SSDEEP

1536:bRQ3PMfYa5lhXbqkomoXQXMDwLtaF3jCmuKFI/GGBmUCAuOxmN2qw4P:liUfThGmqo0p3jCRcGAAuOcDw4

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\SSShim\SSShim.dll,#1
1⤵
PID:1956

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy