Overview
overview
7Static
static
3SuperViewe...th.msi
windows11-21h2-x64
6SuperViewe...64.msi
windows11-21h2-x64
6SuperViewe...rl.msi
windows11-21h2-x64
6SuperViewe...64.msi
windows11-21h2-x64
6SuperViewe...TE.msi
windows11-21h2-x64
6SuperViewe...XT.msi
windows11-21h2-x64
6SuperViewe...64.msi
windows11-21h2-x64
6SuperViewe...rt.msi
windows11-21h2-x64
6SuperViewe...or.exe
windows11-21h2-x64
3SuperViewe...er.msi
windows11-21h2-x64
6SuperViewe...er.msi
windows11-21h2-x64
6SuperViewe...re.msi
windows11-21h2-x64
6SuperViewe...er.exe
windows11-21h2-x64
3SuperViewe...64.exe
windows11-21h2-x64
7SuperViewe...86.exe
windows11-21h2-x64
7SuperViewe...ex.msi
windows11-21h2-x64
6SuperViewe...64.msi
windows11-21h2-x64
6SuperViewe...kl.msi
windows11-21h2-x64
6SuperViewe...64.msi
windows11-21h2-x64
6SuperViewe...os.msi
windows11-21h2-x64
SuperViewe...64.msi
windows11-21h2-x64
6SuperViewe...es.msi
windows11-21h2-x64
6SuperViewe...et.msi
windows11-21h2-x64
6SuperViewe...me.msi
windows11-21h2-x64
SuperViewe...ph.msi
windows11-21h2-x64
6SuperViewe...ls.msi
windows11-21h2-x64
6SuperViewe...pp.msi
windows11-21h2-x64
6SuperViewe...rk.msi
windows11-21h2-x64
6SuperViewe...it.msi
windows11-21h2-x64
6SuperViewe...64.msi
windows11-21h2-x64
6SuperViewe...ne.msi
windows11-21h2-x64
6SuperViewe...64.msi
windows11-21h2-x64
6Analysis
-
max time kernel
211s -
max time network
288s -
platform
windows11-21h2_x64 -
resource
win11-20250313-en -
resource tags
arch:x64arch:x86image:win11-20250313-enlocale:en-usos:windows11-21h2-x64system -
submitted
28/03/2025, 13:52
Behavioral task
behavioral1
Sample
SuperViewer Installer/Volume/bin/p15/niauth.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral2
Sample
SuperViewer Installer/Volume/bin/p15/niauth64.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral3
Sample
SuperViewer Installer/Volume/bin/p16/nicurl.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral4
Sample
SuperViewer Installer/Volume/bin/p16/nicurl64.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral5
Sample
SuperViewer Installer/Volume/bin/p17/LabVI00/NIWebServer_LVRTE.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral6
Sample
SuperViewer Installer/Volume/bin/p18/LogosXT.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral7
Sample
SuperViewer Installer/Volume/bin/p18/LogosXT64.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral8
Sample
SuperViewer Installer/Volume/bin/p19/ni_error/ni_error_report.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral9
Sample
SuperViewer Installer/Volume/bin/p2/SystemRequirementsError.exe
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral10
Sample
SuperViewer Installer/Volume/bin/p2/VC2015-32Wrapper.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral11
Sample
SuperViewer Installer/Volume/bin/p2/VC2015-64Wrapper.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral12
Sample
SuperViewer Installer/Volume/bin/p2/VC2015Core.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral13
Sample
SuperViewer Installer/Volume/bin/p2/VCRunTimeInstaller.exe
Resource
win11-20250314-en
windows11-21h2-x64
Behavioral task
behavioral14
Sample
SuperViewer Installer/Volume/bin/p2/vc_redist.x64.exe
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral15
Sample
SuperViewer Installer/Volume/bin/p2/vc_redist.x86.exe
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral16
Sample
SuperViewer Installer/Volume/bin/p20/activex.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral17
Sample
SuperViewer Installer/Volume/bin/p20/activex64.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral18
Sample
SuperViewer Installer/Volume/bin/p25/mkl.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral19
Sample
SuperViewer Installer/Volume/bin/p25/mkl64.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral20
Sample
SuperViewer Installer/Volume/bin/p26/logos.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral21
Sample
SuperViewer Installer/Volume/bin/p26/logos64.msi
Resource
win11-20250314-en
windows11-21h2-x64
Behavioral task
behavioral22
Sample
SuperViewer Installer/Volume/bin/p27/lvrteres/LV2019rteres.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral23
Sample
SuperViewer Installer/Volume/bin/p28/LV2019rtdnet.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral24
Sample
SuperViewer Installer/Volume/bin/p28/LV2019runtime.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral25
Sample
SuperViewer Installer/Volume/bin/p29/MStudioCW3DGraph.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral26
Sample
SuperViewer Installer/Volume/bin/p3/NISys00/NISysLogUtils.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral27
Sample
SuperViewer Installer/Volume/bin/p4/sslLVRTE/ssl_LVRTEsupp.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral28
Sample
SuperViewer Installer/Volume/bin/p5/NI_De00/dep_framework.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral29
Sample
SuperViewer Installer/Volume/bin/p6/KillBit.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral30
Sample
SuperViewer Installer/Volume/bin/p6/KillBit64.msi
Resource
win11-20250313-en
windows11-21h2-x64
Behavioral task
behavioral31
Sample
SuperViewer Installer/Volume/bin/p7/NITraceEngine.msi
Resource
win11-20250314-en
windows11-21h2-x64
Behavioral task
behavioral32
Sample
SuperViewer Installer/Volume/bin/p7/NITraceEngine64.msi
Resource
win11-20250314-en
windows11-21h2-x64
General
-
Target
SuperViewer Installer/Volume/bin/p2/VC2015-32Wrapper.msi
-
Size
232KB
-
MD5
782c1dcc5bdb5922c513bce1af73905b
-
SHA1
443a74d32c0975e37cdf376a169f9d5502177f92
-
SHA256
04febbada7ccad674326c4d094b086f0f638d60d4714c82a43c188ac7a0152b2
-
SHA512
9479ac0b805fce1a1fa604427ce740d14def51102debefb7444640330d2eb779d7c0c6e7ab9c10df817834f91f3ddcb2d455456be7acad5b14c848ee37772e75
-
SSDEEP
3072:PaKWEqtAX//Xj65p2rcvJVPdZx3ZOYguuw5D5muyPWEl6G:Uhi/vj65p2rSjPFpOKm
Malware Config
Signatures
-
Enumerates connected drives 3 TTPs 23 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
description ioc Process File opened (read-only) \??\I: msiexec.exe File opened (read-only) \??\R: msiexec.exe File opened (read-only) \??\S: msiexec.exe File opened (read-only) \??\T: msiexec.exe File opened (read-only) \??\W: msiexec.exe File opened (read-only) \??\B: msiexec.exe File opened (read-only) \??\G: msiexec.exe File opened (read-only) \??\J: msiexec.exe File opened (read-only) \??\K: msiexec.exe File opened (read-only) \??\L: msiexec.exe File opened (read-only) \??\O: msiexec.exe File opened (read-only) \??\U: msiexec.exe File opened (read-only) \??\Z: msiexec.exe File opened (read-only) \??\A: msiexec.exe File opened (read-only) \??\E: msiexec.exe File opened (read-only) \??\H: msiexec.exe File opened (read-only) \??\Y: msiexec.exe File opened (read-only) \??\M: msiexec.exe File opened (read-only) \??\N: msiexec.exe File opened (read-only) \??\P: msiexec.exe File opened (read-only) \??\Q: msiexec.exe File opened (read-only) \??\V: msiexec.exe File opened (read-only) \??\X: msiexec.exe -
Suspicious use of AdjustPrivilegeToken 32 IoCs
description pid Process Token: SeShutdownPrivilege 4212 msiexec.exe Token: SeIncreaseQuotaPrivilege 4212 msiexec.exe Token: SeSecurityPrivilege 3532 msiexec.exe Token: SeCreateTokenPrivilege 4212 msiexec.exe Token: SeAssignPrimaryTokenPrivilege 4212 msiexec.exe Token: SeLockMemoryPrivilege 4212 msiexec.exe Token: SeIncreaseQuotaPrivilege 4212 msiexec.exe Token: SeMachineAccountPrivilege 4212 msiexec.exe Token: SeTcbPrivilege 4212 msiexec.exe Token: SeSecurityPrivilege 4212 msiexec.exe Token: SeTakeOwnershipPrivilege 4212 msiexec.exe Token: SeLoadDriverPrivilege 4212 msiexec.exe Token: SeSystemProfilePrivilege 4212 msiexec.exe Token: SeSystemtimePrivilege 4212 msiexec.exe Token: SeProfSingleProcessPrivilege 4212 msiexec.exe Token: SeIncBasePriorityPrivilege 4212 msiexec.exe Token: SeCreatePagefilePrivilege 4212 msiexec.exe Token: SeCreatePermanentPrivilege 4212 msiexec.exe Token: SeBackupPrivilege 4212 msiexec.exe Token: SeRestorePrivilege 4212 msiexec.exe Token: SeShutdownPrivilege 4212 msiexec.exe Token: SeDebugPrivilege 4212 msiexec.exe Token: SeAuditPrivilege 4212 msiexec.exe Token: SeSystemEnvironmentPrivilege 4212 msiexec.exe Token: SeChangeNotifyPrivilege 4212 msiexec.exe Token: SeRemoteShutdownPrivilege 4212 msiexec.exe Token: SeUndockPrivilege 4212 msiexec.exe Token: SeSyncAgentPrivilege 4212 msiexec.exe Token: SeEnableDelegationPrivilege 4212 msiexec.exe Token: SeManageVolumePrivilege 4212 msiexec.exe Token: SeImpersonatePrivilege 4212 msiexec.exe Token: SeCreateGlobalPrivilege 4212 msiexec.exe -
Suspicious use of FindShellTrayWindow 1 IoCs
pid Process 4212 msiexec.exe
Processes
-
C:\Windows\system32\msiexec.exemsiexec.exe /I "C:\Users\Admin\AppData\Local\Temp\SuperViewer Installer\Volume\bin\p2\VC2015-32Wrapper.msi"1⤵
- Enumerates connected drives
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:4212
-
C:\Windows\system32\msiexec.exeC:\Windows\system32\msiexec.exe /V1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3532