Analysis

  • max time kernel
    149s
  • max time network
    139s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240802-en locale:en-us os:windows10-2004-x64 system
  • submitted
    04/09/2024, 22:22

General

  • Target

    Valorant RPC/Valorant rpc.exe

  • Size

    11.1MB

  • MD5

    eb196761a685e5142bbd228bf396d04e

  • SHA1

    db19b3a8b93dacb25e5143e25dfa6cf4a4a9ee19

  • SHA256

    63a3ea05d29e3607b3e1b806395cecfa8af71c2c0473905463a712f54abb1101

  • SHA512

    89085db23b0d45014e87f2ac5b433e20f92200fb13328b8ab7327db279c5c61581edf260238931d7c73135e8901d0811316db6daff4cc7d92a77269f5037c40e

  • SSDEEP

    196608:EU7giOwXfY5wJRlWI9Y3AklTprVBg65D3ew:EU7giO7GJRl43zN7gR

Score
1/10

Malware Config

Signatures

  • Suspicious use of FindShellTrayWindow 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Valorant RPC\Valorant rpc.exe
    "C:\Users\Admin\AppData\Local\Temp\Valorant RPC\Valorant rpc.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    PID:4064
  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
    1⤵
      PID:3596
    • C:\Users\Admin\AppData\Local\Temp\Valorant RPC\Valorant rpc.exe
      "C:\Users\Admin\AppData\Local\Temp\Valorant RPC\Valorant rpc.exe"
      1⤵
      • Suspicious use of FindShellTrayWindow
      PID:2356
    • C:\Users\Admin\AppData\Local\Temp\Valorant RPC\Valorant rpc.exe
      "C:\Users\Admin\AppData\Local\Temp\Valorant RPC\Valorant rpc.exe"
      1⤵
      • Suspicious use of FindShellTrayWindow
      PID:1716
    • C:\Users\Admin\AppData\Local\Temp\Valorant RPC\Valorant rpc.exe
      "C:\Users\Admin\AppData\Local\Temp\Valorant RPC\Valorant rpc.exe"
      1⤵
      • Suspicious use of FindShellTrayWindow
      PID:1148
    • C:\Users\Admin\AppData\Local\Temp\Valorant RPC\Valorant rpc.exe
      "C:\Users\Admin\AppData\Local\Temp\Valorant RPC\Valorant rpc.exe"
      1⤵
      • Suspicious use of FindShellTrayWindow
      PID:2512

    Network

          MITRE ATT&CK Matrix
