6cd928dbb06199acd086e5cd97c06ce8df59f3e1f6a4e0e021f5a9899c28c6a9 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

SSShim/Cfg...cy.dll

windows10-2004-x64

1

SSShim/ChatApis.dll

windows10-2004-x64

1

SSShim/SSShim.dll

windows10-2004-x64

1

SSShim/com...re.dll

windows10-2004-x64

1

cmdial32/P...st.dll

windows10-2004-x64

1

cmdial32/c...vc.dll

windows10-2004-x64

1

cmdial32/cmdial32.dll

windows10-2004-x64

1

cmdial32/puiapi.dll

windows10-2004-x64

1

dcntel/DafDnsSd.dll

windows10-2004-x64

1

dcntel/DuCsps.dll

windows10-2004-x64

1

dcntel/dcntel.dll

windows10-2004-x64

1

dcntel/kbdnecat.dll

windows10-2004-x64

1

setup.msi

windows7-x64

6

setup.msi

windows10-2004-x64

6

syssetup/S...pi.dll

windows10-2004-x64

1

syssetup/sendmail.dll

windows10-2004-x64

1

syssetup/syssetup.dll

windows10-2004-x64

1

syssetup/vcamp140.dll

windows7-x64

1

syssetup/vcamp140.dll

windows10-2004-x64

1

werconcpl/...et.dll

windows10-2004-x64

1

werconcpl/...p1.dll

windows10-2004-x64

1

werconcpl/ndishc.dll

windows10-2004-x64

7

werconcpl/...pl.dll

windows10-2004-x64

1

Analysis

max time kernel
92s
max time network
95s
platform
windows10-2004_x64
resource
win10v2004-20240730-en
resource tags

arch:x64arch:x86image:win10v2004-20240730-enlocale:en-usos:windows10-2004-x64system
submitted
01-08-2024 21:14

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

SSShim/CfgSPPolicy.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

SSShim/ChatApis.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

SSShim/SSShim.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

SSShim/computecore.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

cmdial32/PrintRenderAPIHost.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

cmdial32/cloudidsvc.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

cmdial32/cmdial32.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

cmdial32/puiapi.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

dcntel/DafDnsSd.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

dcntel/DuCsps.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

dcntel/dcntel.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

dcntel/kbdnecat.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

setup.msi

Resource

win7-20240729-en

discovery persistence privilege_escalation

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral14

Sample

setup.msi

Resource

win10v2004-20240730-en

discovery persistence privilege_escalation

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral15

Sample

syssetup/SensorsApi.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

syssetup/sendmail.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

syssetup/syssetup.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

syssetup/vcamp140.dll

Resource

win7-20240704-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

syssetup/vcamp140.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

werconcpl/Websocket.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

werconcpl/imagesp1.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

werconcpl/ndishc.dll

Resource

win10v2004-20240730-en

persistence privilege_escalation

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral23

Sample

werconcpl/werconcpl.dll

Resource

win10v2004-20240730-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

cmdial32/PrintRenderAPIHost.dll
Size

734KB
MD5

b6a23785dceea13673d3b503f38f6198
SHA1

4d61186296a7ddf4e72d9b218211565126538fe7
SHA256

004bdb9bb89fc9bde6dfc59cccde4ff4e07b23e26ef22a1327e06ab95a3acfd8
SHA512

b15f38d6c10d829eedd0a1f412605f5f774f620b6b3509985ee34fa354324f683dbf9cbbd4fd9e3caa44c2dc4b48ab6cbaa0d74716f9bc7d9328be54237125d4
SSDEEP

12288:GgGPQTPhKAb3pYl6dmVSL25UvpWoM3LNbA4Sb4lX4aD6N3Wrd:YPQdZ3ClZUvpWoMZcOIaD6xWx

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\cmdial32\PrintRenderAPIHost.dll,#1
1⤵
PID:3260

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy