Overview

overview

10

Static

static

10

OBS-Studio...64.exe

windows7-x64

7

OBS-Studio...64.exe

windows10-2004-x64

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    16/01/2025, 17:38 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    OBS-Studio-30.0-Full-Installer-x64.exe

  • Size

    7.4MB

  • MD5

    0015e4dc4930956146757ad6bc4e9d15

  • SHA1

    1653e96a24ab66d22de39e99cdbe97b3b1b7b175

  • SHA256

    925f61ed54f3dfec6237ab0d712517d1badcadac1bb2bddc6d44946ba251675c

  • SHA512

    ac4d42247495563a8665980ec42bd13b9c565aa2e504eb85ddfcabb2e605236168394e09e18dbda857905da89bf97d994f184df7df7b25bec5a6e8d90825c629

  • SSDEEP

    196608:u80cD9QLjv+bhqNVoBKUh8mz4Iv9PPv1DVWhz:ui9AL+9qz8/b4IRv3Whz

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\OBS-Studio-30.0-Full-Installer-x64.exe
    "C:\Users\Admin\AppData\Local\Temp\OBS-Studio-30.0-Full-Installer-x64.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Users\Admin\AppData\Local\Temp\OBS-Studio-30.0-Full-Installer-x64.exe
      "C:\Users\Admin\AppData\Local\Temp\OBS-Studio-30.0-Full-Installer-x64.exe"
      2⤵
      • Loads dropped DLL
      PID:2588

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI22322\python311.dll
    Filesize

    1.6MB

    MD5

    0b66c50e563d74188a1e96d6617261e8

    SHA1

    cfd778b3794b4938e584078cbfac0747a8916d9e

    SHA256

    02c665f77db6b255fc62f978aedbe2092b7ef1926836290da68fd838dbf2a9f2

    SHA512

    37d710cb5c0ceb5957d11b61684cfbc65951c1d40ab560f3f3cb8feca42f9d43bd981a0ff44c3cb7562779264f18116723457e79e0e23852d7638b1a954a258f

    Download Submit

  • memory/2588-24-0x000007FEF6C50000-0x000007FEF7239000-memory.dmp

    Filesize

    5.9MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.