5b790d2d085d2498aa63822812562acc256a26febae6cc78563ba656eb9d0c1f | Triage

Submit
Reports

Overview

overview

Static

static

3

Sgrm/samcli.dll

windows10-2004-x64

1

Sgrm/samlib.dll

windows10-2004-x64

4

Sgrm/sas.dll

windows10-2004-x64

1

app__v7.3.5_.msi

windows7-x64

6

app__v7.3.5_.msi

windows10-2004-x64

wbem/appba...sk.dll

windows10-2004-x64

1

wbem/dnsclientcim.dll

windows10-2004-x64

1

wbem/dnscl...er.dll

windows10-2004-x64

1

winrm/AcLayers.dll

windows10-2004-x64

1

winrm/acledit.dll

windows10-2004-x64

1

winrm/aclui.dll

windows10-2004-x64

1

Analysis

max time kernel
92s
max time network
138s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
02-10-2024 01:17

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Sgrm/samcli.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

Sgrm/samlib.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

Sgrm/sas.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

app__v7.3.5_.msi

Resource

win7-20240903-en

discovery persistence privilege_escalation

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral5

Sample

app__v7.3.5_.msi

Resource

win10v2004-20240802-en

lumma discovery execution persistence privilege_escalation stealer

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral6

Sample

wbem/appbackgroundtask.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

wbem/dnsclientcim.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

wbem/dnsclientpsprovider.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

winrm/AcLayers.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

winrm/acledit.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

winrm/aclui.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

Sgrm/samcli.dll
Size

81KB
MD5

88fc8a7c285558b7f502f1a4c7f66314
SHA1

6ccceff830bf6683a4c20e64654fd05a12f40406
SHA256

09a086e2575c72f0835b7df861f219ad58b80f3a6318d44be29f4fde36a57f3c
SHA512

89bb84e876368d457d63471072ebd45c2801a329e83ca400a9eee9864449cd4a3bc8c779b184929ff797074bf160258f6388779549c42d54d001fe21c550d947
SSDEEP

1536:/pGdBAtLXW/2hUqNYgUYYYTzwc/g3+asq1itSbdsd:/pTiOpYKYYTzz/g3+Ztya

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Sgrm\samcli.dll,#1
1⤵
PID:1592

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy