Overview

overview

10

Static

static

10

Usar tu ma... 4.rar

windows10-2004-x64

3

Carpetas d...os.txt

windows10-2004-x64

1

Carpetas d...on.zip

windows10-2004-x64

1

VDX.exe

windows10-2004-x64

4

VDX_x64.exe

windows10-2004-x64

4

Carpetas d....0.zip

windows10-2004-x64

1

ViGEmBusDr...us.inf

windows10-2004-x64

1

ViGEmBusDr...us.sys

windows10-2004-x64

1

ViGEmBusDr...09.dll

windows10-2004-x64

1

ViGEmBusDr...us.cat

windows10-2004-x64

8

ViGEmBusDr...us.inf

windows10-2004-x64

1

ViGEmBusDr...us.sys

windows10-2004-x64

1

ViGEmBusDr...09.dll

windows10-2004-x64

3

ViGEmBusDr...us.cat

windows10-2004-x64

8

Carpetas d...ce.exe

windows10-2004-x64

4

Carpetas d...64.exe

windows10-2004-x64

4

Carpetas d...on.rar

windows10-2004-x64

3

devcon.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    94s
  • max time network
    96s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240730-es
  • resource tags

    arch:x64arch:x86image:win10v2004-20240730-eslocale:es-esos:windows10-2004-x64systemwindows
  • submitted
    02-08-2024 09:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    VDX.exe

  • Size

    571KB

  • MD5

    0ec433ebd5142b440a974b4872a1d1bd

  • SHA1

    92a802eb6db2cab4cd1d97000fb05d8d99c44a3c

  • SHA256

    d955ff9b4109095f65858989c68c226305d25e6148f63fecd10a850503fd0e17

  • SHA512

    ac68a264d4ccc198bcd2c96b45147eeafeb9b2274ef62522d55ddb96446a19d45bf4379ce9934212c3160602945a3a251fb709249aaf143dcf05c8df27403e7a

  • SSDEEP

    6144:48dOj0l/h2gzKtTFg6ICZgzEQ6+F1h3ZmkDiRFzD9Mxu32RFYKvq2MZ12cPz+P8:xOwlp2gz4Rg6LZ/+h3ZVit32RaKvgy8

Score
4/10
discovery

Malware Config

Signatures

  • Drops file in Windows directory 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\VDX.exe
    "C:\Users\Admin\AppData\Local\Temp\VDX.exe"
    1⤵
    • Drops file in Windows directory
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:3688

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads