Overview

overview

10

Static

static

3

71/AudioCapture.dll

windows7-x64

3

71/AudioCapture.dll

windows10-2004-x64

3

71/HTCTL32.dll

windows7-x64

3

71/HTCTL32.dll

windows10-2004-x64

3

71/KBDURDU.dll

windows10-2004-x64

3

71/PCICHEK.dll

windows7-x64

3

71/PCICHEK.dll

windows10-2004-x64

3

71/PCICL32.dll

windows7-x64

3

71/PCICL32.dll

windows10-2004-x64

3

71/TCCTL32.dll

windows7-x64

3

71/TCCTL32.dll

windows10-2004-x64

3

71/client32.exe

windows7-x64

10

71/client32.exe

windows10-2004-x64

10

71/kbd101a.dll

windows10-2004-x64

3

71/kbd101b.dll

windows10-2004-x64

3

71/kbd101c.dll

windows10-2004-x64

3

71/msvcr100.dll

windows7-x64

3

71/msvcr100.dll

windows10-2004-x64

3

71/pcicapi.dll

windows7-x64

3

71/pcicapi.dll

windows10-2004-x64

3

71/remcmdstub.exe

windows7-x64

3

71/remcmdstub.exe

windows10-2004-x64

3

71/rendezv...on.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    25/03/2025, 19:02 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    71/AudioCapture.dll

  • Size

    91KB

  • MD5

    4182f37b9ba1fa315268c669b5335dde

  • SHA1

    2c13da0c10638a5200fed99dcdcf0dc77a599073

  • SHA256

    a74612ae5234d1a8f1263545400668097f9eb6a01dfb8037bc61ca9cae82c5b8

  • SHA512

    4f22ad5679a844f6ed248bf2594af94cf2ed1e5c6c5441f0fb4de766648c17d1641a6ce7c816751f0520a3ae336479c15f3f8b6ebe64a76c38bc28a02ff0f5dc

  • SSDEEP

    1536:wrOxDJs/Ksdl0R1dBmhFXxRpP9JNvbnPUGI:3yXlQmhhHp9J9bnPTI

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\71\AudioCapture.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1696
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\71\AudioCapture.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:2500

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.