5b790d2d085d2498aa63822812562acc256a26febae6cc78563ba656eb9d0c1f | Triage

Submit
Reports

Overview

overview

Static

static

3

Sgrm/samcli.dll

windows10-2004-x64

1

Sgrm/samlib.dll

windows10-2004-x64

4

Sgrm/sas.dll

windows10-2004-x64

1

app__v7.3.5_.msi

windows7-x64

6

app__v7.3.5_.msi

windows10-2004-x64

wbem/appba...sk.dll

windows10-2004-x64

1

wbem/dnsclientcim.dll

windows10-2004-x64

1

wbem/dnscl...er.dll

windows10-2004-x64

1

winrm/AcLayers.dll

windows10-2004-x64

1

winrm/acledit.dll

windows10-2004-x64

1

winrm/aclui.dll

windows10-2004-x64

1

Analysis

max time kernel
92s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
02-10-2024 01:17

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Sgrm/samcli.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

Sgrm/samlib.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

Sgrm/sas.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

app__v7.3.5_.msi

Resource

win7-20240903-en

discovery persistence privilege_escalation

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral5

Sample

app__v7.3.5_.msi

Resource

win10v2004-20240802-en

lumma discovery execution persistence privilege_escalation stealer

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral6

Sample

wbem/appbackgroundtask.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

wbem/dnsclientcim.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

wbem/dnsclientpsprovider.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

winrm/AcLayers.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

winrm/acledit.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

winrm/aclui.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

winrm/aclui.dll
Size

574KB
MD5

9e12cf3363f8dfc2b2624c4171183eab
SHA1

fcf3c863523ac59dd9e1a030440a731a44b09194
SHA256

e39cdcfd6859ccb705879cf9088522b43941db6ef5683d5719bdaa93340c35a4
SHA512

2492baf066772d26004da646e2574210ddc279675d22f0836833b5953f6c4b2c1481377d7c1d67e205b27aba2381de606985ebb5b4c7360c13443d56110a3aa1
SSDEEP

12288:hytiG4FyHoIoVFLZ0Lr+LhL1Kf0dUQK9zxSW3djeRG:0QG4w+FLmn+L3dTK9zxSW3djeR

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\winrm\aclui.dll,#1
1⤵
PID:4060

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy