General
-
Target
UX Launcher.zip
-
Size
170.5MB
-
Sample
210818-1tawmac7g2
-
MD5
b11a143bc588f2230edff105bb72c1f3
-
SHA1
907d6c68dd46996bdf82cea4ca7458449016caf7
-
SHA256
d45f541b13139346d518b1ab79a5f70dda19ab6359327d7b76ab91a459813754
-
SHA512
681ac4753b3f70df7c2be6d599abfd11718f85a2b18fe4628840a067541d906698c27b31fdf31ca89898befd9ce55b3242667acd1f07afa099c8a1840f451057
Static task
static1
Behavioral task
behavioral1
Sample
updater.exe
Resource
win10v20210410
Behavioral task
behavioral2
Sample
runtimes/win-x86/lib/netcoreapp3.0/CefSharp.dll
Resource
win10v20210408
Behavioral task
behavioral3
Sample
runtimes/win-x86/lib/netcoreapp3.0/CefSharp.Core.dll
Resource
win10v20210410
Behavioral task
behavioral4
Sample
runtimes/win-x86/lib/netcoreapp3.0/CefSharp.Core.Runtime.dll
Resource
win10v20210408
Behavioral task
behavioral5
Sample
runtimes/win-x64/lib/netcoreapp3.0/swiftshader/libGLESv2.dll
Resource
win10v20210410
Behavioral task
behavioral6
Sample
runtimes/win-x64/lib/netcoreapp3.0/swiftshader/libEGL.dll
Resource
win10v20210408
Behavioral task
behavioral7
Sample
runtimes/win-x64/lib/netcoreapp3.0/libcef.dll
Resource
win10v20210410
Behavioral task
behavioral8
Sample
runtimes/win-x64/lib/netcoreapp3.0/libGLESv2.dll
Resource
win10v20210410
Behavioral task
behavioral9
Sample
runtimes/win-x64/lib/netcoreapp3.0/libEGL.dll
Resource
win10v20210408
Behavioral task
behavioral10
Sample
runtimes/win-x64/lib/netcoreapp3.0/d3dcompiler_47.dll
Resource
win10v20210410
Behavioral task
behavioral11
Sample
runtimes/win-x64/lib/netcoreapp3.0/chrome_elf.dll
Resource
win10v20210408
Behavioral task
behavioral12
Sample
runtimes/win-x64/lib/netcoreapp3.0/CefSharp.dll
Resource
win10v20210410
Behavioral task
behavioral13
Sample
runtimes/win-x64/lib/netcoreapp3.0/CefSharp.Core.dll
Resource
win10v20210408
Behavioral task
behavioral14
Sample
runtimes/win-x64/lib/netcoreapp3.0/CefSharp.Core.Runtime.dll
Resource
win10v20210410
Behavioral task
behavioral15
Sample
runtimes/win-x64/lib/netcoreapp3.0/CefSharp.BrowserSubprocess.exe
Resource
win10v20210410
Behavioral task
behavioral16
Sample
runtimes/win-x64/lib/netcoreapp3.0/CefSharp.BrowserSubprocess.Core.dll
Resource
win10v20210408
Behavioral task
behavioral17
Sample
cscppcom.exe
Resource
win10v20210410
Behavioral task
behavioral18
Sample
UX Launcher.exe
Resource
win10v20210408
Behavioral task
behavioral19
Sample
UX Launcher.dll.exe
Resource
win10v20210410
Behavioral task
behavioral20
Sample
Newtonsoft.Json.dll
Resource
win10v20210408
Behavioral task
behavioral21
Sample
NUnrar.dll
Resource
win10v20210410
Behavioral task
behavioral22
Sample
EO.WebEngine.dll
Resource
win10v20210410
Behavioral task
behavioral23
Sample
EO.WebBrowser.dll
Resource
win10v20210408
Behavioral task
behavioral24
Sample
EO.Base.dll
Resource
win10v20210410
Behavioral task
behavioral25
Sample
CefSharp.Wpf.dll
Resource
win10v20210408
Malware Config
Targets
-
-
Target
CefSharp.Wpf.dll
-
Size
98KB
-
MD5
3daeabfd95e1b8e234e0f59a255de8b7
-
SHA1
898d299fcbd0e037d2e99a0e8ae037faa26dcf84
-
SHA256
b14b98d5de7423f6cd2a762b45a3e1738cac4abc435520cd75158e67ee77b09d
-
SHA512
0fa135c2e7585d06b8d4df7bba0d058bdf4917530bdadf494bda5fad778018b0a5db67aaa4018a6847feb58ed7cc6acf87d695e7830c7061bdc79e646117bb7d
Score: 1/10
-
-
Target
EO.Base.dll
-
Size
3.4MB
-
MD5
c6b629919df8b60730c92a4b47aac7c7
-
SHA1
cea05e154df7b337ce8fd6ec0d73866849951bd7
-
SHA256
875bedfa0733751d4b0397fb3a6d3ec7df60d4ac71c89cc8b8062a2dd07009a9
-
SHA512
6b2453e8c0c8c62939787ff95cdfab0f9b2835541aa491852781a63faef7dc19f4633b045064ae67f1c69568f13ae4d5ef9ccfcba6d70397c9034ef0fc23e350
Score: 1/10
-
-
Target
EO.WebBrowser.dll
-
Size
226KB
-
MD5
011be04d3a479408f061fa5b51443ea1
-
SHA1
c10ecff19ec020226e1818a71210fbad5844b5de
-
SHA256
143f9796b5320b1cdff7db703af07811a7a7dcbf11d2e5b9a20ddbbbbffe305e
-
SHA512
18fbf68267030f75191b47f01e6a08e3a1802a3521ae81acebdfdfaca467c9b7f1b8a77c08914f3c80be0314cfbf767614667f189d60e691248c1072abecf640
Score: 1/10
-
-
Target
EO.WebEngine.dll
-
Size
70.3MB
-
MD5
eeece8cee1595bf44df4c7a46cefb417
-
SHA1
dd52074617c32285b0b275a9a4924c657ece4d2f
-
SHA256
701f287182057663bfe401fc78fc0e1b6547dc61937d70c511760a22f2c7c1a6
-
SHA512
16b92d9a09c0cfc69655047e4fff698bc510f7cd18478169074ddbfa4e80f48c830de2aa90682b0076f96c3e93bf8130006b0faf217e826352ff2bc1176cfa91
Score: 1/10
-
-
Target
NUnrar.dll
-
Size
123KB
-
MD5
329114a6d45a1f67db1831bac2be770b
-
SHA1
861403bfa051306a5f371d0bce06afa68fc9a4e9
-
SHA256
82d93e67d0c1bc5f92faca3cb3ad1cdd0ea130425db47cb3301721945a10f29d
-
SHA512
012ae8132d2c568f61cbc8e0e68abee4e0b37938a0612e7e0765271f42e7bd0dfd93a245bc75c0ad0f384bb62b275209edba05b541210ef9469abbf833b5c08c
Score: 1/10
-
-
Target
Newtonsoft.Json.dll
-
Size
679KB
-
MD5
916d32b899f1bc23b209648d007b99fd
-
SHA1
e3673d05d46f29e68241d4536bddf18cdd0a913d
-
SHA256
72cf291d4bab0edd08a9b07c6173e1e7ad1abb7ab727fd7044bf6305d7515661
-
SHA512
60bd2693daa42637f8ae6d6460c3013c87f46f28e9b0dbf9d7f6764703b904a7c8c22e30b4ba13f1f23f6cbee7d9640ee3821c48110e67440f237c2bb2ee5eb6
Score: 1/10
-
-
Target
UX Launcher.dll
-
Size
703KB
-
MD5
37bb41c2a36458278f9e7e57db857eb8
-
SHA1
e11cd02bdbdc04a5f01dbe4225692e875ae140a4
-
SHA256
63abf02eb02e2e289909a4eb3f7f936a6c677694ea913d120a4502f85ef1f54e
-
SHA512
028e7ee50f8e091c7720246dc2a01c29617d20b31048d7fae464a2edc7179c47219ff22fa642ebdef8786d058395109ccec686a7f669525ebbdf726d9231aab9
Score: 1/10
-
-
Target
UX Launcher.exe
-
Size
258KB
-
MD5
c9b30c88c88d6574627201a21417abd8
-
SHA1
d4902d1579ec2b075a87d8d485e8ebadf52d8d83
-
SHA256
d11665b6803b2ce7a169afce89b28b48734702d39e1116f5bf08abe9b9042636
-
SHA512
740d40f984c3f16bae6470e1403c40ce401d8873451f0299878476dad780e7f9d5504e7ba2deaf75835f16468b620be5f9ddb729efeb9ba62aca9ea2c8ab9053
Score: 3/10
-
-
Target
cscppcom.exe
-
Size
4.9MB
-
MD5
04a8ed2b6c2c28ab276ce2f93dbb94d4
-
SHA1
d738e6254bf9b2b5584e483e37fabbc460e970c8
-
SHA256
893994002bd922c9c59b7d2c9619894dec365775c6b2d84dafbf416d2cd8ee83
-
SHA512
d7c4d6ba287ecbcdf6f302617431f0eb3c994ea5a6c4ede850106d4de1e7b03f3c80e49a86be3b6e66f4df81b7762963c9d52c28b7c4e61c6c80654a047ff736
Score: 1/10
-
-
Target
runtimes/win-x64/lib/netcoreapp3.0/CefSharp.BrowserSubprocess.Core.dll
-
Size
1.2MB
-
MD5
0695056020eb63f62877493e58cb34a4
-
SHA1
9c8135dc406cd42f2ceebec947c8113238e4fc78
-
SHA256
cd125611cdb5f3a74ee952951a692ee598daa5a7491e87676a4f68930117bb2a
-
SHA512
6a74c029cb1f9b96780d207710b00c9430c629174e08c462c5d8db4ae766946dcb464c7b0ec00cf9db947a873f9c8c5338ed02342ce053397cb533c5808dd236
Score: 1/10
-
-
Target
runtimes/win-x64/lib/netcoreapp3.0/CefSharp.BrowserSubprocess.exe
-
Size
6KB
-
MD5
c8c4e02ad521bc6b83b4b6d5f90ee186
-
SHA1
177a3b55fcb4ff6d9bb645a287bf5063313b8578
-
SHA256
64b548f7b137759d8ee51f5d2b60a61f748715eb14b4fc5e2db02a2b7e51c793
-
SHA512
55929555e37ea8ad1a7e9720ead1284d385858e5974fd984637f31d3476a08b00a2bb5ca7677269e3f7a8f05b8006dee206cb0e529b471d78193634a23d22baf
Score: 1/10
-
-
Target
runtimes/win-x64/lib/netcoreapp3.0/CefSharp.Core.Runtime.dll
-
Size
1.9MB
-
MD5
2d63bcfee8470ea6e0b1dc023181b06d
-
SHA1
d371ddbbd8387490db9f2a48cb4923b5dd44078a
-
SHA256
6c4105b8a81b24c58621a6dedd7774c222203ff8e7d2274ba28a64c8d1a724b5
-
SHA512
5e0c6588160bbfeaf5f67e51b7d6eb4aac977d9738dcc4fc8dbf09a24c55368bd82bd4ce07b49430e569476ac815b39674f485128e8094b50c1ba60072dfdbeb
Score: 1/10
-
-
Target
runtimes/win-x64/lib/netcoreapp3.0/CefSharp.Core.dll
-
Size
36KB
-
MD5
11518dfc2043748eff8c526719ce3aec
-
SHA1
50652bd4282512541d0b6360200b3bceca45b109
-
SHA256
79c3821ca3a2ef0419e57e5234a6a6c25335ca6ad584cf6657e6b381533c46e1
-
SHA512
ac8de65410423094761f365997c2969b19690a15db6677d0a9bb9be52089ee85d6f0e7d51a4fcc714bcddae7b8454b913176725e2b5708f415328718f7ee0a9b
Score: 1/10
-
-
Target
runtimes/win-x64/lib/netcoreapp3.0/CefSharp.dll
-
Size
1.1MB
-
MD5
c71d59ab2399a931c9c95e2e34ad8134
-
SHA1
6cadecf99e21f52af9bee9004454ee2797f7facf
-
SHA256
04d99ebdc08188798d80ae476655933afe0454e297e82ab04ce8ce04df035642
-
SHA512
10f2c668d2f94fcfa3d1cdbc93b1f5dca86e38855accb4055a4439d7d8a6d403f3399c1b794e517c05335759a3ac99012a7eb04427bf1074e618a3d265dec427
Score: 3/10 (the win-x86 copy of CefSharp.dll listed further down has identical hashes and is scored 1/10)
-
-
Target
runtimes/win-x64/lib/netcoreapp3.0/chrome_elf.dll
-
Size
1.1MB
-
MD5
fbf3b0711733e2bf2d568ae8430489b7
-
SHA1
1b91b5c5c697e22547d5d15f5bbead57647ce971
-
SHA256
f9032348386637e55788348dc8ed5879daee978be8ab77cd42b0316427d6fbc8
-
SHA512
53028535e302657ef2d0d025c166a81b0f5862637e6241b4e97d8a81739d58939cd5285ea2856e8d43d6110115eeafed1e907de75a039f9318eb7759cbdcb197
Score: 1/10
-
-
Target
runtimes/win-x64/lib/netcoreapp3.0/d3dcompiler_47.dll
-
Size
4.1MB
-
MD5
222d020bd33c90170a8296adc1b7036a
-
SHA1
612e6f443d927330b9b8ac13cc4a2a6b959cee48
-
SHA256
4432bbd1a390874f3f0a503d45cc48d346abc3a8c0213c289f4b615bf0ee84f3
-
SHA512
ad8c7ce7f6f353da5e2cf816e1a69f1ec14011612e8041e4f9bb6ebed3e0fa4e4ebc069155a0c66e23811467012c201893b9b3b7a947d089ce2c749d5e8910c6
Score: 3/10
-
-
Target
runtimes/win-x64/lib/netcoreapp3.0/libEGL.dll
-
Size
397KB
-
MD5
b83959bbba3e27c60d8474d940024e4c
-
SHA1
a4e50fa1eaaceaa64d89fd270ce0b58bfdc8998b
-
SHA256
6948e30a0d0eac9584071430d93f4e49645cbaf73ef821d723de6bc00ff13f79
-
SHA512
edab21cf052649b9ce9584f371ec7de572a27f85cc695b3ffc5f50f94a7dfc1dbc7486ffc956a9b09dcac991adc4cb9cb65f90ff19a5c009d95b47127dfce13b
Score: 5/10
Suspicious use of NtSetInformationThreadHideFromDebugger (hides a thread from an attached debugger; an anti-debugging indicator).
-
-
-
Target
runtimes/win-x64/lib/netcoreapp3.0/libGLESv2.dll
-
Size
6.5MB
-
MD5
7616ccb6d2f67d4afb63b65609d841eb
-
SHA1
57a896a16c43817c674fcb0486a41065157cd473
-
SHA256
a11c83a10cdcfec7eea0a81ebbcb057513549897c1bdf559dcfb108ace06277f
-
SHA512
3b4c2fefe2ad546150ec5fa52945ef8a605e51826ed98aa21551a1925dc5225203e99d7dc0a89d6ccfa49de699cc31826cd73e07508ed88fe8b9085ad39a06ae
Score: 7/10
Checks computer location settings: looks up the country code configured in the registry, likely as a geofencing check.
-
-
-
Target
runtimes/win-x64/lib/netcoreapp3.0/libcef.dll
-
Size
146.6MB
-
MD5
90cfd2097b2b61392ba983c5b7824ceb
-
SHA1
05d13be67b6ddaecb14a8032e88c027457043bb7
-
SHA256
72da1a0a7e4d98436a6d2b4f40b1b36222d09d2787aa91de8e3cce541e413ce2
-
SHA512
45d9c5b36d6a248cbca3e1d01c3036ca2259f8b8498327db71e121b43a2a275a81d17d6964cde5cde95d77899bdb0b81ded5425d9cdbdd6e0e1e0a86b8e471b8
Score: 3/10
-
-
Target
runtimes/win-x64/lib/netcoreapp3.0/swiftshader/libEGL.dll
-
Size
415KB
-
MD5
24c3180f2700201366e276cec8d395ec
-
SHA1
1fbede9dab53a057292c568db8a3a5f79011960a
-
SHA256
c5979db8628591c081e60dc7ab252d8aa17cb4b662a154f32c9b135c2beee29a
-
SHA512
c99d51e8b4047085a2ea1cf0f1ac35c1c85372036abbf25bb520511ffd81a0569ec0f1f40493782a017536fe6d02e524774d1094d4d0514d3b9c56e6742b81f9
Score: 1/10
-
-
Target
runtimes/win-x64/lib/netcoreapp3.0/swiftshader/libGLESv2.dll
-
Size
2.6MB
-
MD5
eda38d77960eb7aa75c6c2c04883b509
-
SHA1
8fec096bce2366beeaed09bc5be952ae322c39e0
-
SHA256
3d90068f929c86b2038c0690cfd79e9f2efab9d897eebfaefeb56ee5f84f3451
-
SHA512
8044216125af03132c0b0796f4f326abfd02275a063df69277b9d84c2424046df3a9a5df33621b7b8b52160bf7bdab33740883ce5c2f55e7bdbc9d4db6a36f46
Score: 1/10
-
-
Target
runtimes/win-x86/lib/netcoreapp3.0/CefSharp.Core.Runtime.dll
-
Size
1.4MB
-
MD5
0233e8f518cb12aba755a987c3748313
-
SHA1
69b0553a28cddc09f66e246ce443cf7ce1bebf95
-
SHA256
b98597c67bd11479eebb5b09968c38ac3209212719132e6ddf055f5f46da3866
-
SHA512
764b480fbf8cd205720b426b3ed83c2e92bb1d8fee75028dedd72abcc983837d01f663cb981c5ed54673c3f1a6aefff7f025adb18b81c0c24d9035553f2adf6b
Score: 1/10
-
-
Target
runtimes/win-x86/lib/netcoreapp3.0/CefSharp.Core.dll
-
Size
36KB
-
MD5
11518dfc2043748eff8c526719ce3aec
-
SHA1
50652bd4282512541d0b6360200b3bceca45b109
-
SHA256
79c3821ca3a2ef0419e57e5234a6a6c25335ca6ad584cf6657e6b381533c46e1
-
SHA512
ac8de65410423094761f365997c2969b19690a15db6677d0a9bb9be52089ee85d6f0e7d51a4fcc714bcddae7b8454b913176725e2b5708f415328718f7ee0a9b
Score: 1/10
-
-
Target
runtimes/win-x86/lib/netcoreapp3.0/CefSharp.dll
-
Size
1.1MB
-
MD5
c71d59ab2399a931c9c95e2e34ad8134
-
SHA1
6cadecf99e21f52af9bee9004454ee2797f7facf
-
SHA256
04d99ebdc08188798d80ae476655933afe0454e297e82ab04ce8ce04df035642
-
SHA512
10f2c668d2f94fcfa3d1cdbc93b1f5dca86e38855accb4055a4439d7d8a6d403f3399c1b794e517c05335759a3ac99012a7eb04427bf1074e618a3d265dec427
Score: 1/10
-
-
Target
updater.exe
-
Size
42KB
-
MD5
cd7bbff7058d40a88550acb472e5b141
-
SHA1
c8b2c2349b912062eccc8b370e216ab1461aa2af
-
SHA256
44e8bb810796eb5e2612a2f6be71cccf3d395f8c60d39864c82e0adec2f49ddb
-
SHA512
7f60050d9ea6366deb6ca8597bca6d15f4ff7958c23cb6aa6181b60792cf3a36eed52cc6df6657a0f03c04bc31c1ec81b93da248e9f34954a8a9ace415a3bcef
Score: 1/10