c11eb303330b9638936bad26cf02b8313ca43557d2a63f5e5c00d1eab2a9682e | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

OBS-Studio...er.exe

windows10-2004-x64

data/obs-p...64.exe

windows10-2004-x64

1

data/obs-s...on.dll

windows10-2004-x64

1

data/obs-s...ua.dll

windows10-2004-x64

1

data/obs-s...hon.py

windows10-2004-x64

3

obs-plugin...ja.dll

windows10-2004-x64

1

obs-plugin...lf.dll

windows10-2004-x64

1

obs-plugin...er.dll

windows10-2004-x64

1

obs-plugin...ns.dll

windows10-2004-x64

1

obs-plugin...ui.dll

windows10-2004-x64

1

obs-plugin...nk.dll

windows10-2004-x64

1

obs-plugin...ls.dll

windows10-2004-x64

1

obs-plugin...ce.dll

windows10-2004-x64

1

obs-plugin...GL.dll

windows10-2004-x64

1

obs-plugin...ge.exe

windows10-2004-x64

1

obs-plugin...er.dll

windows10-2004-x64

1

obs-plugin...eg.dll

windows10-2004-x64

1

obs-plugin...rs.dll

windows10-2004-x64

1

obs-plugin...ts.dll

windows10-2004-x64

1

obs-plugin...11.dll

windows10-2004-x64

1

obs-plugin...xt.dll

windows10-2004-x64

1

obs-plugin...ns.dll

windows10-2004-x64

1

obs-plugin...st.dll

windows10-2004-x64

1

obs-plugin...tc.dll

windows10-2004-x64

1

obs-plugin...et.dll

windows10-2004-x64

1

obs-plugin...64.dll

windows10-2004-x64

1

obs-plugin...es.dll

windows10-2004-x64

1

obs-plugin...e2.dll

windows10-2004-x64

1

obs-plugin...eo.dll

windows10-2004-x64

1

obs-plugin...re.dll

windows10-2004-x64

1

obs-plugin...ow.dll

windows10-2004-x64

1

obs-plugin...pi.dll

windows10-2004-x64

1

Analysis

max time kernel
1665s
max time network
1163s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
20/08/2024, 20:59

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

OBS-Studio-30.2.2-Windows-Installer.exe

Resource

win10v2004-20240802-en

discovery persistence privilege_escalation

windows10-2004-x64

31 signatures

1800 seconds

Behavioral task

behavioral2

Sample

data/obs-plugins/win-capture/inject-helper64.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral3

Sample

data/obs-scripting/64bit/_obspython.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral4

Sample

data/obs-scripting/64bit/obslua.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral5

Sample

data/obs-scripting/64bit/obspython.py

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

1800 seconds

Behavioral task

behavioral6

Sample

obs-plugins/64bit/aja.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral7

Sample

obs-plugins/64bit/chrome_elf.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral8

Sample

obs-plugins/64bit/coreaudio-encoder.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral9

Sample

obs-plugins/64bit/decklink-captions.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral10

Sample

obs-plugins/64bit/decklink-output-ui.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral11

Sample

obs-plugins/64bit/decklink.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral12

Sample

obs-plugins/64bit/frontend-tools.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral13

Sample

obs-plugins/64bit/image-source.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral14

Sample

obs-plugins/64bit/libEGL.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral15

Sample

obs-plugins/64bit/obs-browser-page.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral16

Sample

obs-plugins/64bit/obs-browser.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral17

Sample

obs-plugins/64bit/obs-ffmpeg.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral18

Sample

obs-plugins/64bit/obs-filters.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral19

Sample

obs-plugins/64bit/obs-outputs.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral20

Sample

obs-plugins/64bit/obs-qsv11.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral21

Sample

obs-plugins/64bit/obs-text.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral22

Sample

obs-plugins/64bit/obs-transitions.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral23

Sample

obs-plugins/64bit/obs-vst.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral24

Sample

obs-plugins/64bit/obs-webrtc.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral25

Sample

obs-plugins/64bit/obs-websocket.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral26

Sample

obs-plugins/64bit/obs-x264.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral27

Sample

obs-plugins/64bit/rtmp-services.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral28

Sample

obs-plugins/64bit/text-freetype2.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral29

Sample

obs-plugins/64bit/vlc-video.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral30

Sample

obs-plugins/64bit/win-capture.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral31

Sample

obs-plugins/64bit/win-dshow.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral32

Sample

obs-plugins/64bit/win-wasapi.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Report Analysis Logs

General

Target

obs-plugins/64bit/decklink-captions.dll
Size

54KB
MD5

01a75807141050f05c915009301a7a34
SHA1

94f4e67b0c3f715f8815f82fa35a3861fbe9240c
SHA256

e49fcd691a08f0f353cfcb741886a06b5051a86f3c91a2d571d5be5a848f6edc
SHA512

dfd519fbef77d406ce87ff2298f4a91e15f12a75503f97d493fba21379d92ce9a4c41b139f034c0ef885682a82b37f2bbffba861f5d78cecc6dc5424e26df47f
SSDEEP

1536:ZtqmEJXilHjVDt71Ai+puhbEArkENDuRxz:HqYHjVDt71Ai+puhbEArkEe

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\obs-plugins\64bit\decklink-captions.dll,#1
1⤵
PID:2976

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy