5b790d2d085d2498aa63822812562acc256a26febae6cc78563ba656eb9d0c1f | Triage

Submit
Reports

Overview

overview

Static

static

3

Sgrm/samcli.dll

windows10-2004-x64

1

Sgrm/samlib.dll

windows10-2004-x64

4

Sgrm/sas.dll

windows10-2004-x64

1

app__v7.3.5_.msi

windows7-x64

6

app__v7.3.5_.msi

windows10-2004-x64

wbem/appba...sk.dll

windows10-2004-x64

1

wbem/dnsclientcim.dll

windows10-2004-x64

1

wbem/dnscl...er.dll

windows10-2004-x64

1

winrm/AcLayers.dll

windows10-2004-x64

1

winrm/acledit.dll

windows10-2004-x64

1

winrm/aclui.dll

windows10-2004-x64

1

Analysis

max time kernel
95s
max time network
100s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
02-10-2024 01:17

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Sgrm/samcli.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

Sgrm/samlib.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

Sgrm/sas.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

app__v7.3.5_.msi

Resource

win7-20240903-en

discovery persistence privilege_escalation

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral5

Sample

app__v7.3.5_.msi

Resource

win10v2004-20240802-en

lumma discovery execution persistence privilege_escalation stealer

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral6

Sample

wbem/appbackgroundtask.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

wbem/dnsclientcim.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

wbem/dnsclientpsprovider.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

winrm/AcLayers.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

winrm/acledit.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

winrm/aclui.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

Sgrm/sas.dll
Size

14KB
MD5

5f46fec4bca81562f8702650705b86d3
SHA1

c974e9c0f66ee41eedd15d902a9113d97291bf56
SHA256

7d78f5e2102c8e12b591e8c38c95f400a4b3cc3ce911f26b9453d5aaf7f8532d
SHA512

8adec668d362f2b3bcc4a0587849c5e279e154b5dce20b52ec89ae2399fbfb3335235dcb173f3a93a9d501a9a58b1f5b2178f5a53cb5400d75c82f5aff95861a
SSDEEP

384:czK80Jwm4e1F4HR6661hS666r63VnH/YkyvgbbWMwW:cm8D73YMbr

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Sgrm\sas.dll,#1
1⤵
PID:3180

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy