99932e6dbe1103e83b0468d11bda2808d22d5522f91b78ca6a3c06a5a85b3210 | Triage

Submit
Reports

Overview

overview

Static

static

3

144755cf70...72.exe

windows7-x64

144755cf70...72.exe

windows10-2004-x64

9

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

InterVpn/b...x2.exe

windows7-x64

9

InterVpn/b...x2.exe

windows10-2004-x64

9

InterVpn/b...ns.exe

windows7-x64

InterVpn/b...ns.exe

windows10-2004-x64

9

InterVpn/b...-2.dll

windows7-x64

3

InterVpn/b...-2.dll

windows10-2004-x64

3

InterVpn/b...-1.dll

windows7-x64

3

InterVpn/b...-1.dll

windows10-2004-x64

3

InterVpn/b...sl.exe

windows7-x64

1

InterVpn/b...sl.exe

windows10-2004-x64

3

InterVpn/b...ui.exe

windows7-x64

1

InterVpn/b...ui.exe

windows10-2004-x64

3

InterVpn/b...pn.exe

windows7-x64

1

InterVpn/b...pn.exe

windows10-2004-x64

3

InterVpn/b...rv.exe

windows7-x64

1

InterVpn/b...rv.exe

windows10-2004-x64

3

OpenVPN64/...32.dll

windows7-x64

1

OpenVPN64/...32.dll

windows10-2004-x64

1

OpenVPN64/...-2.dll

windows7-x64

1

OpenVPN64/...-2.dll

windows10-2004-x64

1

OpenVPN64/...-1.dll

windows7-x64

1

OpenVPN64/...-1.dll

windows10-2004-x64

1

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
22-12-2024 12:27

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

144755cf70a3ef6c0212c49645891c53ce926ad7e3e626016023d6aecc484372.exe

Resource

win7-20240708-en

cryptbot discovery evasion spyware stealer

windows7-x64

21 signatures

150 seconds

Behavioral task

behavioral2

Sample

144755cf70a3ef6c0212c49645891c53ce926ad7e3e626016023d6aecc484372.exe

Resource

win10v2004-20241007-en

discovery evasion

windows10-2004-x64

12 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/System.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/UAC.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/UAC.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

$PLUGINSDIR/UserInfo.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral8

Sample

$PLUGINSDIR/UserInfo.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

$PLUGINSDIR/nsDialogs.dll

Resource

win7-20241010-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral10

Sample

$PLUGINSDIR/nsDialogs.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral11

Sample

InterVpn/bin/InterVpn/intervpnmix2.exe

Resource

win7-20240903-en

discovery evasion

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral12

Sample

InterVpn/bin/InterVpn/intervpnmix2.exe

Resource

win10v2004-20241007-en

discovery evasion

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral13

Sample

InterVpn/bin/InterVpn/vruns.exe

Resource

win7-20240903-en

cryptbot discovery evasion spyware stealer

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral14

Sample

InterVpn/bin/InterVpn/vruns.exe

Resource

win10v2004-20241007-en

discovery evasion

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral15

Sample

InterVpn/bin/liblzo2-2.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral16

Sample

InterVpn/bin/liblzo2-2.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral17

Sample

InterVpn/bin/libpkcs11-helper-1.dll

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral18

Sample

InterVpn/bin/libpkcs11-helper-1.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral19

Sample

InterVpn/bin/openssl.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

InterVpn/bin/openssl.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral21

Sample

InterVpn/bin/openvpn-gui.exe

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

InterVpn/bin/openvpn-gui.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral23

Sample

InterVpn/bin/openvpn.exe

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

InterVpn/bin/openvpn.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral25

Sample

InterVpn/bin/openvpnserv.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

InterVpn/bin/openvpnserv.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

OpenVPN64/bin/libeay32.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

OpenVPN64/bin/libeay32.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

OpenVPN64/bin/liblzo2-2.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

OpenVPN64/bin/liblzo2-2.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

OpenVPN64/bin/libpkcs11-helper-1.dll

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral32

Sample

OpenVPN64/bin/libpkcs11-helper-1.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

OpenVPN64/bin/liblzo2-2.dll
Size

221KB
MD5

43aeef5b6ec15683f7bcdc7042767d86
SHA1

e353824729bbdb198fd0cc4f4773d0a79eb82a7a
SHA256

16a8734304a6f67b02d74b8eae72053daa204d4f9a8792d2bc74ca8eb1a1ca97
SHA512

d8e97f5e73c8e8e363272509c54b524d7305f2c4bb76d5d3aeb386225cf585d495a8b635058d245cc47296fdd0dab1c425978a23d51e71bbcb68e57b408e0bd3
SSDEEP

1536:5luJQbPPmzPQ2Kn8r8FwvLbWj4EuwWiF37/eZ:vzP+P579v/WjWYF37Q

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\OpenVPN64\bin\liblzo2-2.dll,#1
1⤵
PID:4052

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy