Overview

overview

10

Static

static

7

Bandicam 7...m].rar

windows11-21h2-x64

10

Bandicam 7...up.exe

windows11-21h2-x64

9

$PLUGINSDI...al.ini

windows11-21h2-x64

3

$PLUGINSDI...er.bmp

windows11-21h2-x64

3

$PLUGINSDI...rd.bmp

windows11-21h2-x64

3

bandicam.ini

windows11-21h2-x64

3

bdcamvk32.json

windows11-21h2-x64

3

bdcamvk64.json

windows11-21h2-x64

3

data/camera.wav

windows11-21h2-x64

6

data/effec...10.dat

windows11-21h2-x64

3

data/effec...15.dat

windows11-21h2-x64

3

data/effec...20.dat

windows11-21h2-x64

3

data/effec...30.dat

windows11-21h2-x64

3

data/effec...10.dat

windows11-21h2-x64

3

data/effec...15.dat

windows11-21h2-x64

3

data/effec...20.dat

windows11-21h2-x64

3

data/effec...30.dat

windows11-21h2-x64

3

data/language.dat

windows11-21h2-x64

3

data/langu...ix.dat

windows11-21h2-x64

3

data/lclick.wav

windows11-21h2-x64

6

data/rclick.wav

windows11-21h2-x64

6

data/sample.png

windows11-21h2-x64

3

data/skin.zip

windows11-21h2-x64

1

data/start.wav

windows11-21h2-x64

6

data/stop.wav

windows11-21h2-x64

6

encap64.dll

windows11-21h2-x64

1

lang/Japanese.ps1

windows11-21h2-x64

3

Bandicam 7...eg.rar

windows11-21h2-x64

1

Visit www....om.url

windows11-21h2-x64

1

Analysis

  • max time kernel
    145s
  • max time network
    151s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    12/10/2024, 17:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    data/effects/effects10.dat

  • Size

    58KB

  • MD5

    fe3d7459d1e60f1a3a9f4de092e46ba7

  • SHA1

    c8545c0873e896d9549c9a66f099b67f36ba461e

  • SHA256

    184bd469a52b67c553fb934bf4122334449f6b6bff86c07ba193eab2ee617427

  • SHA512

    77eba3abacf6db565dbe8dd6f9107cabcb390c40512aca9c09d7d1d590f522cbfa97940d4f06cec71022053af4b13176183997fa14c7a10531cc5511709c8d86

  • SSDEEP

    192:CKgNy3tmieTtcBonQv9JPrRLeUMPRRgw6NQURTgK4cY5VTSttWnQ:9gF56onC9RLPNFekN

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\data\effects\effects10.dat
    1⤵
    • Modifies registry class
    PID:4952
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:3616

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads