5b790d2d085d2498aa63822812562acc256a26febae6cc78563ba656eb9d0c1f | Triage

Submit
Reports

Overview

overview

Static

static

3

Sgrm/samcli.dll

windows10-2004-x64

1

Sgrm/samlib.dll

windows10-2004-x64

4

Sgrm/sas.dll

windows10-2004-x64

1

app__v7.3.5_.msi

windows7-x64

6

app__v7.3.5_.msi

windows10-2004-x64

wbem/appba...sk.dll

windows10-2004-x64

1

wbem/dnsclientcim.dll

windows10-2004-x64

1

wbem/dnscl...er.dll

windows10-2004-x64

1

winrm/AcLayers.dll

windows10-2004-x64

1

winrm/acledit.dll

windows10-2004-x64

1

winrm/aclui.dll

windows10-2004-x64

1

Analysis

max time kernel
90s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
02/10/2024, 01:17

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Sgrm/samcli.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

Sgrm/samlib.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

Sgrm/sas.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

app__v7.3.5_.msi

Resource

win7-20240903-en

discovery persistence privilege_escalation

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral5

Sample

app__v7.3.5_.msi

Resource

win10v2004-20240802-en

lumma discovery execution persistence privilege_escalation stealer

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral6

Sample

wbem/appbackgroundtask.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

wbem/dnsclientcim.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

wbem/dnsclientpsprovider.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

winrm/AcLayers.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

winrm/acledit.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

winrm/aclui.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

winrm/acledit.dll
Size

11KB
MD5

7c2b65e0756e0dc59e0be5d9efd25da0
SHA1

f6303b5239dd8bd5153e7f7c3593cad714462373
SHA256

b89c8b36a4af02d835dc07b7a905e1a3f95308aac92f614810dd69eb71d9fffb
SHA512

3c76acd4f5963bd3ad7a14449dab8bd16e4bb6f8df01070d3907398be65be56935c8cf204fc1d47c12ce1eb5eacebc098845c6d4543189455c75f18d638f0cfa
SSDEEP

96:lYEn2RqMoqNGINrOp2Q96GOGZgmPlx2sVN2est7hnlCdCEW1YTWw9:iE2Qt8/9hGOG7L2WUNhnlgPW2TW

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\winrm\acledit.dll,#1
1⤵
PID:3192

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy