b9af69ac821a649f211c99e3edf32a76a213e9450b5e972a6cdda5758af530dd | Triage

Submit
Reports

Overview

overview

7

Static

static

3

CloudNotif...ns.exe

windows10-2004-x64

1

CompMgmtLauncher.exe

windows10-2004-x64

7

CompPkgSrv.exe

windows10-2004-x64

1

CompatTelRunner.exe

windows10-2004-x64

1

ComputerDefaults.exe

windows10-2004-x64

7

Credential...er.exe

windows10-2004-x64

1

Credential...er.exe

windows10-2004-x64

1

CustomInstallExec.exe

windows10-2004-x64

1

DFDWiz.exe

windows10-2004-x64

1

DWWIN.exe

windows10-2004-x64

1

DataExchangeHost.exe

windows10-2004-x64

1

DataStoreC...ol.exe

windows10-2004-x64

1

Defrag.exe

windows10-2004-x64

1

DeviceCensus.exe

windows10-2004-x64

6

DeviceCred...nt.exe

windows10-2004-x64

1

DeviceEject.exe

windows10-2004-x64

1

DeviceEnroller.exe

windows10-2004-x64

1

DevicePair...rd.exe

windows10-2004-x64

1

DeviceProperties.exe

windows10-2004-x64

1

DiskSnapshot.exe

windows10-2004-x64

Dism.exe

windows10-2004-x64

1

DisplaySwitch.exe

windows10-2004-x64

3

DmNotifica...er.exe

windows10-2004-x64

1

DmOmaCpMo.exe

windows10-2004-x64

1

DpiScaling.exe

windows10-2004-x64

7

DsmUserTask.exe

windows10-2004-x64

1

Dxpserver.exe

windows10-2004-x64

6

EASPolicyM...st.exe

windows10-2004-x64

1

EDPCleanup.exe

windows10-2004-x64

1

ELANFPService.exe

windows7-x64

1

ELANFPService.exe

windows10-2004-x64

1

Eap3Host.exe

windows10-2004-x64

1

Resubmissions

23/08/2024, 16:00

240823-tf47dsteqe 6

23/08/2024, 15:32

240823-sy293sseld 4

23/08/2024, 15:18

240823-sp1d5athqk 8

23/08/2024, 14:12

240823-rjcv7sydnd 7

23/08/2024, 02:33

240823-c17dta1cpd 7

23/08/2024, 02:11

240823-cmbpzszelg 4

23/08/2024, 02:00

240823-ce59mazbnh 4

23/08/2024, 01:37

240823-b1992a1dmm 5

23/08/2024, 01:24

240823-bsm5jazhpp 5

23/08/2024, 00:51

240823-a7p21awhld 6

Analysis

max time kernel
144s
max time network
160s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
23/08/2024, 02:33

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

CloudNotifications.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

CompMgmtLauncher.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral3

Sample

CompPkgSrv.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

CompatTelRunner.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

ComputerDefaults.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

CredentialEnrollmentManager.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

CredentialUIBroker.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

CustomInstallExec.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

DFDWiz.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

DWWIN.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

DataExchangeHost.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

DataStoreCacheDumpTool.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

Defrag.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

DeviceCensus.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral15

Sample

DeviceCredentialDeployment.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

DeviceEject.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

DeviceEnroller.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

DevicePairingWizard.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

DeviceProperties.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

DiskSnapshot.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

Dism.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

DisplaySwitch.exe

Resource

win10v2004-20240802-en

persistence privilege_escalation

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral23

Sample

DmNotificationBroker.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

DmOmaCpMo.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

DpiScaling.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral26

Sample

DsmUserTask.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

Dxpserver.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral28

Sample

EASPolicyManagerBrokerHost.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

EDPCleanup.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

ELANFPService.exe

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

ELANFPService.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

Eap3Host.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

Dxpserver.exe
Size

320KB
MD5

94cff8771cfb016e2443e33678cbf113
SHA1

ebea421f20d8ae61d3b834011494e312a1bfcfdf
SHA256

b4e13c3da352bf0681a540ce234ea0c3be3261bce312ef240977cd9bad0b9fdb
SHA512

e30f7a6d31662f75f9cfcaa205472ee2121178a03662a6cfd615055f8288a08bd458332bba09d6919a860aafbad2e7acbd549cf8955a59ac4865f84a77d23522
SSDEEP

6144:JTJtm76Ahb5t4eWns0PGrOYm6qy+liIZ1x+xrVFZqHfzpDmP1CfSyOdo5i+lClId:hLm76Mb5t4rs0PGrOYm6qy+IIZ1x+xrC

Score

6^/10

discovery

Malware Config

Signatures

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Processes

C:\Users\Admin\AppData\Local\Temp\Dxpserver.exe
"C:\Users\Admin\AppData\Local\Temp\Dxpserver.exe"
1⤵
PID:3216

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy