3c133f67bed07aa7eed0c030a130dcf7c72a24848e7ebc9a4e00102ad2f99cde

Submit
Reports

Overview

overview

Static

static

Bandicam 7...m].rar

windows11-21h2-x64

Bandicam 7...up.exe

windows11-21h2-x64

$PLUGINSDI...al.ini

windows11-21h2-x64

$PLUGINSDI...er.bmp

windows11-21h2-x64

$PLUGINSDI...rd.bmp

windows11-21h2-x64

bandicam.ini

windows11-21h2-x64

bdcamvk32.json

windows11-21h2-x64

bdcamvk64.json

windows11-21h2-x64

data/camera.wav

windows11-21h2-x64

data/effec...10.dat

windows11-21h2-x64

data/effec...15.dat

windows11-21h2-x64

data/effec...20.dat

windows11-21h2-x64

data/effec...30.dat

windows11-21h2-x64

data/effec...10.dat

windows11-21h2-x64

data/effec...15.dat

windows11-21h2-x64

data/effec...20.dat

windows11-21h2-x64

data/effec...30.dat

windows11-21h2-x64

data/language.dat

windows11-21h2-x64

data/langu...ix.dat

windows11-21h2-x64

data/lclick.wav

windows11-21h2-x64

data/rclick.wav

windows11-21h2-x64

data/sample.png

windows11-21h2-x64

data/skin.zip

windows11-21h2-x64

data/start.wav

windows11-21h2-x64

data/stop.wav

windows11-21h2-x64

encap64.dll

windows11-21h2-x64

lang/Japanese.ps1

windows11-21h2-x64

Bandicam 7...eg.rar

windows11-21h2-x64

Visit www....om.url

windows11-21h2-x64

Analysis

max time kernel
150s
max time network
151s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
12/10/2024, 17:56

Sharing

Copy URL

Twitter E-mail

Static task

static1

themida

2 signatures

Behavioral task

behavioral1

Sample

Bandicam 7.1.4.2458 (x64) Multilingual [pesktop.com].rar

Resource

win11-20241007-en

wannacry defense_evasion discovery evasion execution impact persistence privilege_escalation ransomware spyware stealer themida trojan worm

windows11-21h2-x64

43 signatures

150 seconds

Behavioral task

behavioral2

Sample

Bandicam 7.1.4.2458 (x64) Multilingual [pesktop.com]/bdcamsetup.exe

Resource

win11-20241007-en

discovery evasion persistence privilege_escalation themida trojan

windows11-21h2-x64

25 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/ioSpecial.ini

Resource

win11-20240802-en

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/modern-header.bmp

Resource

win11-20241007-en

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/modern-wizard.bmp

Resource

win11-20241007-en

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral6

Sample

bandicam.ini

Resource

win11-20241007-en

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

bdcamvk32.json

Resource

win11-20241007-en

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral8

Sample

bdcamvk64.json

Resource

win11-20240802-en

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

data/camera.wav

Resource

win11-20241007-en

discovery

windows11-21h2-x64

8 signatures

150 seconds

Behavioral task

behavioral10

Sample

data/effects/effects10.dat

Resource

win11-20241007-en

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral11

Sample

data/effects/effects15.dat

Resource

win11-20241007-en

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral12

Sample

data/effects/effects20.dat

Resource

win11-20241007-en

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral13

Sample

data/effects/effects30.dat

Resource

win11-20241007-en

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral14

Sample

data/effects/highlight10.dat

Resource

win11-20241007-en

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral15

Sample

data/effects/highlight15.dat

Resource

win11-20241007-en

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral16

Sample

data/effects/highlight20.dat

Resource

win11-20241007-en

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral17

Sample

data/effects/highlight30.dat

Resource

win11-20241007-en

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral18

Sample

data/language.dat

Resource

win11-20240802-en

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral19

Sample

data/language_bdfix.dat

Resource

win11-20241007-en

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral20

Sample

data/lclick.wav

Resource

win11-20241007-en

discovery

windows11-21h2-x64

8 signatures

150 seconds

Behavioral task

behavioral21

Sample

data/rclick.wav

Resource

win11-20241007-en

discovery

windows11-21h2-x64

8 signatures

150 seconds

Behavioral task

behavioral22

Sample

data/sample.png

Resource

win11-20241007-en

windows11-21h2-x64

1 signatures

150 seconds

Behavioral task

behavioral23

Sample

data/skin.zip

Resource

win11-20241007-en

windows11-21h2-x64

2 signatures

150 seconds

Behavioral task

behavioral24

Sample

data/start.wav

Resource

win11-20241007-en

discovery

windows11-21h2-x64

8 signatures

150 seconds

Behavioral task

behavioral25

Sample

data/stop.wav

Resource

win11-20240802-en

discovery

windows11-21h2-x64

8 signatures

150 seconds

Behavioral task

behavioral26

Sample

encap64.dll

Resource

win11-20241007-en

windows11-21h2-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

lang/Japanese.ps1

Resource

win11-20241007-en

execution

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral28

Sample

Bandicam 7.1.4.2458 (x64) Multilingual [pesktop.com]/reg.rar

Resource

win11-20241007-en

windows11-21h2-x64

2 signatures

150 seconds

Behavioral task

behavioral29

Sample

Visit www.pesktop.com.url

Resource

win11-20241007-en

windows11-21h2-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

encap64.dll
Size

223KB
MD5

3a9c5ba1cd79752bcd6e3bad59645c89
SHA1

e7bb57a7ffb19bb3623f99275621124c73de79d8
SHA256

2761566fafad890783483069d7070592b25269d8fdc16d796115a4262aac9bd6
SHA512

0b82d7524158e6a7d38413f0059bb3230a7fe1cae825cf4d9ab3f69de7994ff7b7941c0407e3beb90abb21334cb0927ac6197c0fdb8817449505887fd8d4a412
SSDEEP

3072:s7ZIsHYwvPrBJ2vcPWZ95BEL4IJk5iAdv++zdJknoDfgTjMc48FVd5:yIsHYS32vcPWZ964YOiGW+dgTAcr/

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\encap64.dll,#1
1⤵
PID:4304

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads