c11eb303330b9638936bad26cf02b8313ca43557d2a63f5e5c00d1eab2a9682e | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

OBS-Studio...er.exe

windows10-2004-x64

data/obs-p...64.exe

windows10-2004-x64

1

data/obs-s...on.dll

windows10-2004-x64

1

data/obs-s...ua.dll

windows10-2004-x64

1

data/obs-s...hon.py

windows10-2004-x64

3

obs-plugin...ja.dll

windows10-2004-x64

1

obs-plugin...lf.dll

windows10-2004-x64

1

obs-plugin...er.dll

windows10-2004-x64

1

obs-plugin...ns.dll

windows10-2004-x64

1

obs-plugin...ui.dll

windows10-2004-x64

1

obs-plugin...nk.dll

windows10-2004-x64

1

obs-plugin...ls.dll

windows10-2004-x64

1

obs-plugin...ce.dll

windows10-2004-x64

1

obs-plugin...GL.dll

windows10-2004-x64

1

obs-plugin...ge.exe

windows10-2004-x64

1

obs-plugin...er.dll

windows10-2004-x64

1

obs-plugin...eg.dll

windows10-2004-x64

1

obs-plugin...rs.dll

windows10-2004-x64

1

obs-plugin...ts.dll

windows10-2004-x64

1

obs-plugin...11.dll

windows10-2004-x64

1

obs-plugin...xt.dll

windows10-2004-x64

1

obs-plugin...ns.dll

windows10-2004-x64

1

obs-plugin...st.dll

windows10-2004-x64

1

obs-plugin...tc.dll

windows10-2004-x64

1

obs-plugin...et.dll

windows10-2004-x64

1

obs-plugin...64.dll

windows10-2004-x64

1

obs-plugin...es.dll

windows10-2004-x64

1

obs-plugin...e2.dll

windows10-2004-x64

1

obs-plugin...eo.dll

windows10-2004-x64

1

obs-plugin...re.dll

windows10-2004-x64

1

obs-plugin...ow.dll

windows10-2004-x64

1

obs-plugin...pi.dll

windows10-2004-x64

1

Analysis

max time kernel
1365s
max time network
1162s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
20/08/2024, 20:59

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

OBS-Studio-30.2.2-Windows-Installer.exe

Resource

win10v2004-20240802-en

discovery persistence privilege_escalation

windows10-2004-x64

31 signatures

1800 seconds

Behavioral task

behavioral2

Sample

data/obs-plugins/win-capture/inject-helper64.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral3

Sample

data/obs-scripting/64bit/_obspython.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral4

Sample

data/obs-scripting/64bit/obslua.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral5

Sample

data/obs-scripting/64bit/obspython.py

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

1800 seconds

Behavioral task

behavioral6

Sample

obs-plugins/64bit/aja.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral7

Sample

obs-plugins/64bit/chrome_elf.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral8

Sample

obs-plugins/64bit/coreaudio-encoder.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral9

Sample

obs-plugins/64bit/decklink-captions.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral10

Sample

obs-plugins/64bit/decklink-output-ui.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral11

Sample

obs-plugins/64bit/decklink.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral12

Sample

obs-plugins/64bit/frontend-tools.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral13

Sample

obs-plugins/64bit/image-source.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral14

Sample

obs-plugins/64bit/libEGL.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral15

Sample

obs-plugins/64bit/obs-browser-page.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral16

Sample

obs-plugins/64bit/obs-browser.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral17

Sample

obs-plugins/64bit/obs-ffmpeg.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral18

Sample

obs-plugins/64bit/obs-filters.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral19

Sample

obs-plugins/64bit/obs-outputs.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral20

Sample

obs-plugins/64bit/obs-qsv11.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral21

Sample

obs-plugins/64bit/obs-text.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral22

Sample

obs-plugins/64bit/obs-transitions.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral23

Sample

obs-plugins/64bit/obs-vst.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral24

Sample

obs-plugins/64bit/obs-webrtc.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral25

Sample

obs-plugins/64bit/obs-websocket.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral26

Sample

obs-plugins/64bit/obs-x264.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral27

Sample

obs-plugins/64bit/rtmp-services.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral28

Sample

obs-plugins/64bit/text-freetype2.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral29

Sample

obs-plugins/64bit/vlc-video.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral30

Sample

obs-plugins/64bit/win-capture.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral31

Sample

obs-plugins/64bit/win-dshow.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral32

Sample

obs-plugins/64bit/win-wasapi.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Report Analysis Logs

General

Target

obs-plugins/64bit/rtmp-services.dll
Size

71KB
MD5

7e92a4ad5e7ea0239ee1fcacd6864180
SHA1

ef27c9a4fd5fa2252a79125d3bda7e8caec0deb4
SHA256

57172fc53a4cdb5d04601c68f5e8cd8cb735fa59ad078e9adbf1bb159a414f1f
SHA512

7fd307788bc4d0194836edfa537de24e645335e83bb66e2470b3b85ace33a8e473275957e377b9ae56117ea34647595bdf7df4ab67c62f3bc506928e55609cbf
SSDEEP

1536:IkED3xYtQ/PLuA7tt8Qkcq3tTTa8RDeHxN:IkEDxYIP7t2+82

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\obs-plugins\64bit\rtmp-services.dll,#1
1⤵
PID:4464

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy