Overview
Score 9/10
Static
Score 7/10
D3Dcompiler_47.dll (windows7-x64): 3/10
D3Dcompiler_47.dll (windows10-2004-x64): 3/10
VtTalkStudent.exe (windows7-x64): 7/10
VtTalkStudent.exe (windows10-2004-x64): 9/10
libEGL.dll (windows7-x64): 1/10
libEGL.dll (windows10-2004-x64): 1/10
libGLESv2.dll (windows7-x64): 1/10
libGLESv2.dll (windows10-2004-x64): 1/10
libass-9.dll (windows7-x64): 1/10
libass-9.dll (windows10-2004-x64): 1/10
libbz2-1.dll (windows7-x64): 3/10
libbz2-1.dll (windows10-2004-x64): 3/10
libcrypto-1_1.dll (windows7-x64): 3/10
libcrypto-1_1.dll (windows10-2004-x64): 3/10
libcrypto.dll (windows7-x64): 3/10
libcrypto.dll (windows10-2004-x64): 3/10
libcurl.dll (windows7-x64): 3/10
libcurl.dll (windows10-2004-x64): 3/10
libgcc_s_dw2-1.dll (windows7-x64): 3/10
libgcc_s_dw2-1.dll (windows10-2004-x64): 3/10
libiconv-2.dll (windows7-x64): 3/10
libiconv-2.dll (windows10-2004-x64): 3/10
liblzma-5.dll (windows7-x64): 3/10
liblzma-5.dll (windows10-2004-x64): 3/10
libmbedcrypto.dll (windows7-x64): 1/10
libmbedcrypto.dll (windows10-2004-x64): 1/10
General
-
Target
app.7z
-
Size
37.6MB
-
Sample
220812-v9rzlagacn
-
MD5
176cbb94d3f6e98a261935fa984618d3
-
SHA1
f7ec9d12e11b11f3baea7c20a9af0ba82bf9bc3f
-
SHA256
204675ed11d30dd3dbc631f798b4364c128eb4e9413f1da195790abf880e8b9a
-
SHA512
7b05c5172cb6927be931bc979ed9a6c47c139a349b24d1be42ee26ea9b2e8fd519c5b9b5a7ccdcad992bf06273620e3d63fa9164836810778d31f65755b73f8a
Behavioral task
behavioral1
Sample
D3Dcompiler_47.dll
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
D3Dcompiler_47.dll
Resource
win10v2004-20220722-en
Behavioral task
behavioral3
Sample
VtTalkStudent.exe
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
VtTalkStudent.exe
Resource
win10v2004-20220721-en
Behavioral task
behavioral5
Sample
libEGL.dll
Resource
win7-20220812-en
Behavioral task
behavioral6
Sample
libEGL.dll
Resource
win10v2004-20220721-en
Behavioral task
behavioral7
Sample
libGLESv2.dll
Resource
win7-20220812-en
Behavioral task
behavioral8
Sample
libGLESv2.dll
Resource
win10v2004-20220721-en
Behavioral task
behavioral9
Sample
libass-9.dll
Resource
win7-20220812-en
Behavioral task
behavioral10
Sample
libass-9.dll
Resource
win10v2004-20220812-en
Behavioral task
behavioral11
Sample
libbz2-1.dll
Resource
win7-20220812-en
Behavioral task
behavioral12
Sample
libbz2-1.dll
Resource
win10v2004-20220721-en
Behavioral task
behavioral13
Sample
libcrypto-1_1.dll
Resource
win7-20220812-en
Behavioral task
behavioral14
Sample
libcrypto-1_1.dll
Resource
win10v2004-20220721-en
Behavioral task
behavioral15
Sample
libcrypto.dll
Resource
win7-20220812-en
Behavioral task
behavioral16
Sample
libcrypto.dll
Resource
win10v2004-20220721-en
Behavioral task
behavioral17
Sample
libcurl.dll
Resource
win7-20220812-en
Behavioral task
behavioral18
Sample
libcurl.dll
Resource
win10v2004-20220721-en
Behavioral task
behavioral19
Sample
libgcc_s_dw2-1.dll
Resource
win7-20220812-en
Behavioral task
behavioral20
Sample
libgcc_s_dw2-1.dll
Resource
win10v2004-20220812-en
Behavioral task
behavioral21
Sample
libiconv-2.dll
Resource
win7-20220812-en
Behavioral task
behavioral22
Sample
libiconv-2.dll
Resource
win10v2004-20220722-en
Behavioral task
behavioral23
Sample
liblzma-5.dll
Resource
win7-20220812-en
Behavioral task
behavioral24
Sample
liblzma-5.dll
Resource
win10v2004-20220812-en
Behavioral task
behavioral25
Sample
libmbedcrypto.dll
Resource
win7-20220812-en
Behavioral task
behavioral26
Sample
libmbedcrypto.dll
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
D3Dcompiler_47.dll
-
Size
3.3MB
-
MD5
c5b362bce86bb0ad3149c4540201331d
-
SHA1
91bc4989345a4e26f06c0c781a21a27d4ee9bacd
-
SHA256
efbdbbcd0d954f8fdc53467de5d89ad525e4e4a9cfff8a15d07c6fdb350c407f
-
SHA512
82fa22f6509334a6a481b0731de1898aa70d2cf3a35f81c4a91fffe0f4c4dd727c8d6a238c778adc7678dfcf1bc81011a9eff2dee912e6b14f93ca3600d62ddd
-
Score
3/10
-
-
Target
VtTalkStudent.exe
-
Size
3.3MB
-
MD5
35c0b4db3ec83f9b27c53ddc1e27c376
-
SHA1
c5764a6b41b6c6470a6edf77a5136bb362e437b4
-
SHA256
8163cadf427be35cf1143e8163033f58265e1680b931a8083b56a4a2d7c3c42b
-
SHA512
28c321f84d500efbea97a3216e257090c85d79d63e4e0db78ae737f085c539f848b1292ac44431053043c53839f7b14bbbf3401d2fd70f173551b0124b72d8da
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
libEGL.dll
-
Size
65KB
-
MD5
683fe751705a3876223557ed3f1cf9d2
-
SHA1
5438089276978a3953c36f6b996c9bc9972326b7
-
SHA256
2bfca8ad96c13910febd0e4b43476668590ec0e9bcf3adfd8fef927bee36c394
-
SHA512
8c279aaa5de7fb3b2c8690d1c74d987ab99b7178c90925b8de692d9ee0079e7033102e3abb717a2469fdb5e7cac6bfe5a62c52574fd273ad11fb9f79eb458d33
-
Score
1/10
-
-
Target
libGLESv2.dll
-
Size
7.6MB
-
MD5
dfcb482c34211c3b5e6bcbc36f00d044
-
SHA1
89f114d199d45f945b0fe42b1043420d4e9c427a
-
SHA256
d54373072028fbcf89716c3479a241ebd452410848f654927f2d140a02c0fc8e
-
SHA512
2962c656a0098c24b36c416730c62abdd1fca047f19e32d8b2eaedc86a587674b98a270c43cdc94642d9769cae256c291f62ba8e9593f58e3cc102e51397971e
-
Score
1/10
-
-
Target
libass-9.dll
-
Size
302KB
-
MD5
d0f7a5ad8ef837fa6b1ec02b1c0ff452
-
SHA1
c2cd3e369b47ec8a0503ab929ab3247520bf3a15
-
SHA256
5f673564895592a63b36ed0bca1827a1f14be4f931d57d10565e8ded0d85556b
-
SHA512
d1adffde8a92660305238d325fc5f4c6103b9da4173466fd656ff246b42035e799593e78684cc2e6de48870ca2c50e513bc89d41453a1e12812b427a76b683ac
-
Score
1/10
-
-
Target
libbz2-1.dll
-
Size
103KB
-
MD5
0c6452935851b7cdb3a365aecd2dd260
-
SHA1
83ef3cd7f985acc113a6de364bdb376dbf8d2f48
-
SHA256
f8385d08bd44b213ff2a2c360fe01ae8a1eda5311c7e1fc1a043c524e899a8ed
-
SHA512
5ff21a85ee28665c4e707c7044f122d1bac8e408a06f8ea16e33a8c9201798d196fa65b24327f208c4ff415e24a5ad2414fe7a91d9c0b0d8cff88299111f2e1d
-
Score
3/10
-
-
Target
libcrypto-1_1.dll
-
Size
2.7MB
-
MD5
e08470993ca77e13030d2956e4346464
-
SHA1
04d151f8d71767c3aff316778b7fc0b8470d7f14
-
SHA256
585dd75ffb3982de25981af2f05b519468db0cc1e9ca5e4ef7c35b0fbf8b1fae
-
SHA512
a00b47b097b9457c5b2b4f3bb8b1719ba158fc9e54567d51663ab042261627ea61959d6817b818ffc364cc790b422917578e3ff5aca4f5f081fb989b8552e802
-
Score
3/10
-
-
Target
libcrypto.dll
-
Size
2.7MB
-
MD5
e08470993ca77e13030d2956e4346464
-
SHA1
04d151f8d71767c3aff316778b7fc0b8470d7f14
-
SHA256
585dd75ffb3982de25981af2f05b519468db0cc1e9ca5e4ef7c35b0fbf8b1fae
-
SHA512
a00b47b097b9457c5b2b4f3bb8b1719ba158fc9e54567d51663ab042261627ea61959d6817b818ffc364cc790b422917578e3ff5aca4f5f081fb989b8552e802
-
Score
3/10
-
-
Target
libcurl.dll
-
Size
420KB
-
MD5
a0722b584c374ec7517311922c196df2
-
SHA1
100761497569f752e064643c9aa3510d10d2245a
-
SHA256
d65cc86cbc6181eb5732463e4976ea7ee63054acdd2015820a43fd6b8768cbe8
-
SHA512
c8f1b27d5e39fcd8432728bd617d154d5f63232dd44f40a1a06df7db1f3ec6bc412c7cc4063946faf1c4da49b8576c338c4b1f4d9e66336831e0965a700fd371
-
Score
3/10
-
-
Target
libgcc_s_dw2-1.dll
-
Size
113KB
-
MD5
9aec524b616618b0d3d00b27b6f51da1
-
SHA1
64264300801a353db324d11738ffed876550e1d3
-
SHA256
59a466f77584438fc3abc0f43edc0fc99d41851726827a008841f05cfe12da7e
-
SHA512
0648a26940e8f4aad73b05ad53e43316dd688e5d55e293cce88267b2b8744412be2e0d507dadad830776bf715bcd819f00f5d1f7ac1c5f1c4f682fb7457a20d0
-
Score
3/10
-
-
Target
libiconv-2.dll
-
Size
1.0MB
-
MD5
b7df9b43bf812ddaf60c99732c1ab273
-
SHA1
4a90353c8b2845008483854642b711e917f9ceef
-
SHA256
74024fe9b8a1e4f8b9b7561b336b2916a20784699cdeef2948074f0e820c9bde
-
SHA512
db78a8af90e8557ba37df1b8c089b8c2e6d912cb08a7b633126541fa9a2e91a0dd90e275a83d323db0e38bb464744225b0fd405a2c828170b5b7ac1333d6c6e7
-
Score
3/10
-
-
Target
liblzma-5.dll
-
Size
169KB
-
MD5
196ae4c5ca6ae3798ab5dc8c5d7aa142
-
SHA1
394e13883afd0515336583eec394d16bb8568f24
-
SHA256
3e4b4ccaf429c08fa11c6a3472ceab77709bf16d5dedd526a64f7ed42a9575db
-
SHA512
3f0823f581f820300dddf7c2d67d77a8bc59c7345e59115dc64bcf393b2febc18d659411cf60eb19016de68a4d6dcb3b5beaba68a27cf4fe7908fb01a66cf183
-
Score
3/10
-
-
Target
libmbedcrypto.dll
-
Size
518KB
-
MD5
8fd812a3662ac33cfd688d2f0efb9254
-
SHA1
15e1c73e64172f58c0b2341b05b6efaec7bd090e
-
SHA256
11c81bb55645e28060fd0384bdbfaceda46beef9c517e71fe13af1c53e26d39a
-
SHA512
5a5957f7c6e62d291cedccaac8cc8d25b63470b5b6b79701e4eb9f1ec8d2c0897dc5cea64ba9847c76cc4522206a0798d9caefcac820def645084b98d07fc845
-
Score
1/10