Overview

overview

8

Static

static

AllVideoSo...GL.exe

windows7-x64

8

AllVideoSo...GL.exe

windows10-2004-x64

8

AllVideoSo...pk.dll

windows7-x64

8

AllVideoSo...pk.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a79e50e75bb460b965145638b3ed120d2c86fb4ac606ef51bc3c4922cf0fe3e6

  • Size

    2.2MB

  • Sample

    221124-zy55asdb2x

  • MD5

    7a12b4f6cc81025eb412270938a446da

  • SHA1

    a9dce9a68b45a7879a78136cfb99763cf1973fd9

  • SHA256

    a79e50e75bb460b965145638b3ed120d2c86fb4ac606ef51bc3c4922cf0fe3e6

  • SHA512

    d5011227dd3222386ce1d5f5b1e185e2ffeddf5c238e8accc6399b07b23ae9855dd221209a95eb869ef5df6cab19a2a985a2189030a41de52fd4e69a7912a0b7

  • SSDEEP

    49152:Rny/DmEQ3p21pyLqELxQDpOpTjoonCTSIXwf/NsrQwESr0A:RybmEcLqEaDpBoC2I13t0A

Score
8/10
upx

Malware Config

Targets

    • Target

      AllVideoSoundExtractor/HA_AllVideoSoundExtractor23_WGL.exe

    • Size

      2.2MB

    • MD5

      4a541e33644947129d4e44d6738054be

    • SHA1

      05bc619db97a0b75339f84f82fcff1d7d063f760

    • SHA256

      fbbc39f091eccf88bdcbac3245e5073ffd61171ae1c7fb29868c1a26671ffc30

    • SHA512

      d218418f872cc6ea55c14fa1513f4a2225d07a58b0c943c15d337176379370c6ce9efd66439c50e353fbcaba3e770ef3ed71f1c31b8406e7fd177bce70832bd3

    • SSDEEP

      49152:B6d0+Akdo6NzKnN3c8PGLJ+WqmSHHstiIaZukxz7bCBx5tnd:kdWkdgMxLJ+WqnHMtVkq5tnd

    Score
    8/10

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      AllVideoSoundExtractor/lpk.dll

    • Size

      46KB

    • MD5

      77774d76e724ae9017bac8609947899c

    • SHA1

      efd281c15cc901fee9c64f88fd0b74eb1fa82b57

    • SHA256

      2017c37d13d1c5475cb1532f06a87ae60b1b5852a405a2b6c24d881efe7aba08

    • SHA512

      68d88ff7c3e130f2ac25e73ba92398dd2b8a6dba26980395996ed6c8e7a4a404de30ce40f9819925afe55040c8f69e6461b7f8349d8de5f2ccdf19116407699f

    • SSDEEP

      768:IUWUAohfjiT5ediDgEYe5eWomHEo2fKEFCLxu5qr7Ho73UEWkGpIfxMC:10qfWT5MbEYme9aLMBCVuEXID3x+C

    Score
    8/10
    upx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral3behavioral4

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks