35155e8468c1287a21e03699a55325378001fa060ee79a1db8f5b02e82adc33d | Triage

Submit
Reports

Overview

overview

Static

static

7

libavresample-4.zip

windows10-2004-x64

libavresample-4.zip

windows11-21h2-x64

1

NexusChecker.exe

windows10-2004-x64

9

NexusChecker.exe

windows11-21h2-x64

9

freebl3.dll

windows10-2004-x64

1

freebl3.dll

windows11-21h2-x64

1

gkcodecs.dll

windows10-2004-x64

1

gkcodecs.dll

windows11-21h2-x64

1

libavresample-4.dll

windows10-2004-x64

3

libavresample-4.dll

windows11-21h2-x64

6

libavutil-56.dll

windows10-2004-x64

3

libavutil-56.dll

windows11-21h2-x64

3

Analysis

max time kernel
437s
max time network
1159s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
12-09-2024 15:58

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

libavresample-4.zip

Resource

win10v2004-20240802-en

exelastealer collection credential_access defense_evasion discovery evasion persistence privilege_escalation stealer upx

windows10-2004-x64

33 signatures

1800 seconds

Behavioral task

behavioral2

Sample

libavresample-4.zip

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral3

Sample

NexusChecker.exe

Resource

win10v2004-20240802-en

discovery evasion execution themida trojan

windows10-2004-x64

15 signatures

1800 seconds

Behavioral task

behavioral4

Sample

NexusChecker.exe

Resource

win11-20240802-en

discovery evasion execution themida trojan

windows11-21h2-x64

14 signatures

1800 seconds

Behavioral task

behavioral5

Sample

freebl3.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral6

Sample

freebl3.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral7

Sample

gkcodecs.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral8

Sample

gkcodecs.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral9

Sample

libavresample-4.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

2 signatures

1800 seconds

Behavioral task

behavioral10

Sample

libavresample-4.dll

Resource

win11-20240802-en

discovery persistence privilege_escalation

windows11-21h2-x64

22 signatures

1800 seconds

Behavioral task

behavioral11

Sample

libavutil-56.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

1800 seconds

Behavioral task

behavioral12

Sample

libavutil-56.dll

Resource

win11-20240802-en

windows11-21h2-x64

3 signatures

1800 seconds

Report Analysis Logs

General

Target

gkcodecs.dll
Size

462KB
MD5

5b11259c1f70f005cc3138d076bc463f
SHA1

b3d8355d0e805ef251e5639a411f815c25b1cbcf
SHA256

50d8319352761bce751bb54c0a3d295691612b5b5a8fcfe687f1f6e690d0604d
SHA512

8b0b78d5bfc034dfa1d3d237842f3ddc1638bb72292c3eb72748ab398ea5670a3703ecae7324262705b304cba7c28cb5d264316d747f480b68cf25bdfecb1aa5
SSDEEP

12288:Ow2BLenEPdBA0BHCwyhleRMDgSx/FLZvb3kN:OLBMCDA0BCwyhleRMjx/FZc

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\gkcodecs.dll,#1
1⤵
PID:3896

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy