5834f6ae3522131494c225a93c30173430be80b5c144519b265395c54f35172b | Triage

Submit
Reports

Overview

overview

Static

static

3

FreePiano/...no.exe

windows11-21h2-x64

6

FreePiano/...f2.dll

windows11-21h2-x64

FreePiano/...p4.exe

windows11-21h2-x64

3

FreePiano/...no.dll

windows11-21h2-x64

1

QWERTY/Mid...ty.exe

windows11-21h2-x64

1

QWERTY/SDL2.dll

windows11-21h2-x64

1

QWERTY/portmidi.dll

windows11-21h2-x64

1

setuploopbe1.exe

windows11-21h2-x64

7

$PLUGINSDI...PI.dll

windows11-21h2-x64

1

$PLUGINSDI...ns.dll

windows11-21h2-x64

8

$PLUGINSDI...nu.dll

windows11-21h2-x64

5

$PLUGINSDI...em.dll

windows11-21h2-x64

$PLUGINSDI...fo.dll

windows11-21h2-x64

$PLUGINSDI...st.exe

windows11-21h2-x64

1

$PLUGINSDI...e1.sys

windows11-21h2-x64

1

$PLUGINSDI...ec.dll

windows11-21h2-x64

3

Analysis

max time kernel
1512s
max time network
1482s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
11-08-2024 04:07

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

FreePiano/freepiano.exe

Resource

win11-20240802-en

windows11-21h2-x64

14 signatures

1800 seconds

Behavioral task

behavioral2

Sample

FreePiano/plugins/plugin_sf2.dll

Resource

win11-20240802-en

wannacry defense_evasion discovery execution impact persistence ransomware spyware stealer worm

windows11-21h2-x64

30 signatures

1800 seconds

Behavioral task

behavioral3

Sample

FreePiano/plugins/plugin_xfmp4.exe

Resource

win11-20240802-en

windows11-21h2-x64

10 signatures

1800 seconds

Behavioral task

behavioral4

Sample

FreePiano/vsti/mdaPiano.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral5

Sample

QWERTY/Midi to Qwerty.exe

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral6

Sample

QWERTY/SDL2.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral7

Sample

QWERTY/portmidi.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral8

Sample

setuploopbe1.exe

Resource

win11-20240802-en

windows11-21h2-x64

3 signatures

1800 seconds

Behavioral task

behavioral9

Sample

$PLUGINSDIR/DIFxAPI.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral10

Sample

$PLUGINSDIR/InstallOptions.dll

Resource

win11-20240802-en

bootkit discovery evasion persistence

windows11-21h2-x64

15 signatures

1800 seconds

Behavioral task

behavioral11

Sample

$PLUGINSDIR/StartMenu.dll

Resource

win11-20240802-en

windows11-21h2-x64

13 signatures

1800 seconds

Behavioral task

behavioral12

Sample

$PLUGINSDIR/System.dll

Resource

win11-20240802-en

modiloader netwire njrat remcos wannacry warzonerat host botnet defense_evasion discovery evasion execution impact infostealer persistence privilege_escalation ransomware rat rezer0 stealer trojan worm

windows11-21h2-x64

48 signatures

1800 seconds

Behavioral task

behavioral13

Sample

$PLUGINSDIR/UserInfo.dll

Resource

win11-20240802-en

discovery evasion motw phishing ransomware

windows11-21h2-x64

18 signatures

1800 seconds

Behavioral task

behavioral14

Sample

$PLUGINSDIR/drvinst.exe

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral15

Sample

$PLUGINSDIR/loopbe1.sys

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral16

Sample

$PLUGINSDIR/nsExec.dll

Resource

win11-20240802-en

windows11-21h2-x64

3 signatures

1800 seconds

Report Analysis Logs

General

Target

$PLUGINSDIR/loopbe1.sys
Size

13KB
MD5

37efb026e1a8a79fbe7044a241281b3e
SHA1

2338874e4b8e68d7752bbe92fe1b6df12d812551
SHA256

d2c20282d6e5dbff38c00df745f19f2457baf53cb5ee30c02979029fa04e0ddb
SHA512

53e4dadbe3b69cca3efa76f4da781f15d5624e5a22f269ba75af324e89aefe391243197197fd7b0510e3b56ea21a33875e5e18272e824f55e16cdd26b05370f1
SSDEEP

384:F0XJ7Tpbtqh4RbDEoiKdSSjGTENTMV9Kyue:i5btqCLiKdSSjOENT89p

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\loopbe1.sys
1⤵
PID:4920
- C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\loopbe1.sys
  C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\loopbe1.sys
  2⤵
  PID:5088

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/5088-0-0x0000000000010000-0x0000000000019000-memory.dmp

Filesize
36KB

Download

© 2018-2025

Terms | Privacy