General
Target: Movavi Video Editor Plus 22.1.1 (x64).zip
Size: 87.2MB
Sample: 221003-lj59vsfhg3
Behavioral tasks

behavioral1
Sample: Movavi Video Editor Plus 22.1.1 (x64) Multilingual/Hook-dll/bb2018.dll
Resource: win7-20220812-en

behavioral2
Sample: Movavi Video Editor Plus 22.1.1 (x64) Multilingual/Hook-dll/bb2018.dll
Resource: win10v2004-20220812-en

behavioral3
Sample: Movavi Video Editor Plus 22.1.1 (x64) Multilingual/Hook-dll/wtsapi32.dll
Resource: win7-20220812-en

behavioral4
Sample: Movavi Video Editor Plus 22.1.1 (x64) Multilingual/Hook-dll/wtsapi32.dll
Resource: win10v2004-20220901-en

behavioral5
Sample: Movavi Video Editor Plus 22.1.1 (x64) Multilingual/MovaviVideoEditorPlusSetup.exe
Resource: win7-20220812-en

behavioral6
Sample: Movavi Video Editor Plus 22.1.1 (x64) Multilingual/MovaviVideoEditorPlusSetup.exe
Resource: win10v2004-20220901-en
Malware Config

Targets

Target: Movavi Video Editor Plus 22.1.1 (x64) Multilingual/Hook-dll/bb2018.dll
Size: 201KB
Score: 8/10

Target: Movavi Video Editor Plus 22.1.1 (x64) Multilingual/Hook-dll/wtsapi32.dll
Size: 328KB
Score: 8/10

Target: Movavi Video Editor Plus 22.1.1 (x64) Multilingual/MovaviVideoEditorPlusSetup.exe
Size: 87.6MB
Score: 8/10

Executes dropped EXE
Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Writes to the Master Boot Record (MBR): Bootkits write to the MBR to gain persistence at a level below the operating system.
Drops file in System32 directory