38cb03bb108b88715d554d1141eb734b2dc25b63fc69c4b037e589caa2e77bec | Triage

Submit
Reports

Overview

overview

Static

static

3

AudioCapture.dll

windows7-x64

3

AudioCapture.dll

windows10-2004-x64

3

HTCTL32.dll

windows7-x64

3

HTCTL32.dll

windows10-2004-x64

3

KBDTAM99.dll

windows10-2004-x64

1

PCICHEK.dll

windows7-x64

3

PCICHEK.dll

windows10-2004-x64

3

PCICL32.dll

windows7-x64

3

PCICL32.dll

windows10-2004-x64

3

TsUsbRedir...on.dll

windows10-2004-x64

6

WiaExtensi...64.dll

windows10-2004-x64

1

client32.exe

windows7-x64

client32.exe

windows10-2004-x64

comcat.dll

windows10-2004-x64

1

getuname.dll

windows10-2004-x64

1

ifsutilx.dll

windows10-2004-x64

1

mprext.dll

windows10-2004-x64

1

msidle.dll

windows10-2004-x64

1

msidntld.dll

windows10-2004-x64

1

msvcr100.dll

windows7-x64

3

msvcr100.dll

windows10-2004-x64

3

neth.dll

windows10-2004-x64

1

netmsg.dll

windows10-2004-x64

1

panmap.dll

windows10-2004-x64

1

pcicapi.dll

windows7-x64

3

pcicapi.dll

windows10-2004-x64

3

prflbmsg.dll

windows10-2004-x64

1

provdiagnostics.dll

windows10-2004-x64

1

remcmdstub.exe

windows7-x64

3

remcmdstub.exe

windows10-2004-x64

3

wiatrace.dll

windows10-2004-x64

1

Analysis

max time kernel
94s
max time network
97s
platform
windows10-2004_x64
resource
win10v2004-20250129-en
resource tags

arch:x64arch:x86image:win10v2004-20250129-enlocale:en-usos:windows10-2004-x64system
submitted
04-02-2025 10:08

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

AudioCapture.dll

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

AudioCapture.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

HTCTL32.dll

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

HTCTL32.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

KBDTAM99.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

PCICHEK.dll

Resource

win7-20240708-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

PCICHEK.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

PCICL32.dll

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral9

Sample

PCICL32.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral10

Sample

TsUsbRedirectionGroupPolicyExtension.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral11

Sample

WiaExtensionHost64.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

client32.exe

Resource

win7-20240903-en

netsupport discovery rat

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral13

Sample

client32.exe

Resource

win10v2004-20250129-en

netsupport discovery rat

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral14

Sample

comcat.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

getuname.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

ifsutilx.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

mprext.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

msidle.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

msidntld.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

msvcr100.dll

Resource

win7-20241010-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral21

Sample

msvcr100.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral22

Sample

neth.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

netmsg.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

panmap.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

pcicapi.dll

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral26

Sample

pcicapi.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral27

Sample

prflbmsg.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

provdiagnostics.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

remcmdstub.exe

Resource

win7-20240708-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral30

Sample

remcmdstub.exe

Resource

win10v2004-20250129-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral31

Sample

wiatrace.dll

Resource

win10v2004-20250129-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

ifsutilx.dll
Size

16KB
MD5

27a7213091cda31e84967bead4d29bd1
SHA1

e705e0fd25167c8cdaf984f067e3bdf4be8558d3
SHA256

42214053995b6188b2e20935ca8c92af77639f0d5541a132920a5cba2cfcbde6
SHA512

a16ee540cad2661f3d31071aed3b2f30ea5c0f068f51a350ef693fb83df30ce97ea4701714091ed0ef4a0806d908d93691beb0d8060b5ec73f62422477c8f3ce
SSDEEP

192:peIxDV4pntj/Hi3SbYMS9HERLChPjuARtNlvJy7VfYN7EcX2D1WsZW:peIxp4pntja35JExChjhtWYNZ2xWsZW

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\ifsutilx.dll,#1
1⤵
PID:1904

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy