8dabe8af434fe110d74ca365ed3eeef33001aa26f1487afeb1a6f5d59e7e544c

Analysis

max time kernel
95s
max time network
98s
platform
windows10-2004_x64
resource
win10v2004-20240730-es
resource tags

arch:x64arch:x86image:win10v2004-20240730-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
02-08-2024 09:40

Target

ViGEmBusDriver_signed_Win7-10_x86_x64_v1.13.0.0/drivers/x64/vigembus.cat
Size

11KB
MD5

339a567e6515a47edecbdaf040b7f0dd
SHA1

141082c734ead76fd9756cdb35878e3ca342f307
SHA256

7269dfefb9d5c3a1876254caf038e69e04ffd201b174b1baa29de9485ac0bbb8
SHA512

0d8a7eeed7e6429600d7f4968cfdfe0615a6ec2a59edf5759a69e236c3ec9c2882427602080ca01732caa8d0765522785e8ae30ebc6531b531e9df7e6b6a41e1
SSDEEP

192:vIpqoMQMGl7UKazgsxxmmKri9iHMyMLowH0JOqNG8Fp28Wh8n4nL:sMQM1K2XYmK+9TU5JNNzFwhhiIL

Score

8^/10

Blocklisted process makes network request 4 IoCs

Processes:

rundll32.exe

flow pid process

2 5056 rundll32.exe
5 5056 rundll32.exe
7 5056 rundll32.exe
13 5056 rundll32.exe

C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe cryptext.dll,CryptExtOpenCAT C:\Users\Admin\AppData\Local\Temp\ViGEmBusDriver_signed_Win7-10_x86_x64_v1.13.0.0\drivers\x64\vigembus.cat
1⤵
- Blocklisted process makes network request
PID:5056