Overview

overview

5

Static

static

GS_LOADER/MP4SDEC.dll

windows7-x64

5

GS_LOADER/MP4SDEC.dll

windows10-2004-x64

5

GS_LOADER/...RE.exe

windows7-x64

5

GS_LOADER/...RE.exe

windows10-2004-x64

5

GS_LOADER/data.dll

windows7-x64

1

GS_LOADER/data.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    72e37297ac5c5dae0bf60fb5ec659942d69faea3

  • Size

    11.6MB

  • Sample

    230103-bw3dmahc24

  • MD5

    4663296357558af8c9d4931597fdb645

  • SHA1

    72e37297ac5c5dae0bf60fb5ec659942d69faea3

  • SHA256

    dc9a325c1cc8008144cc45808a941d50c8b87bc5bceb5c34a26c827404f1a1e3

  • SHA512

    a2f4002cb2a30cf08042444e68458b40c2bf52318703218461c0d25422d6660c00416f7c9ae7e9ac6d3bf5ebc8a52decfa605124db8857d082063ba412c162da

  • SSDEEP

    196608:vFA/9S2iey/0xClRDP8C2aJtUWlJVd+p9tOURnw7N8khwHf56wqkZJGPpGT4rxQ0:vkollRDPJ2a7U4+p9tOyE84+B+k6Pp2c

Score
5/10

Malware Config

Targets

    • Target

      GS_LOADER/MP4SDEC.dll

    • Size

      8.7MB

    • MD5

      b8eb409a703938ec1a6ab332cc0dd1d5

    • SHA1

      83a35bec4a0515b7f7d450f76ed41267e4f968a5

    • SHA256

      73b49cc29c936c36f81f579a3230f428a87b7df821d5ffd549f01656b5db6ec3

    • SHA512

      ab55bbfd6dfc836f1c848fb8c962f38c5def19cc1df21ea6a609f2ef0acfdaa7c5329eb07d54c525b79531e6361c84ae890654ce81afe0a38ecacec2a8b01a68

    • SSDEEP

      196608:42uBSReuRV4gN/TD8bDjiiRRefPGI7wh9RY+WuNNoGXnHPitV:ZhReuD4e8bDjioIGOgngugGXwV

    Score
    5/10

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

    • Target

      GS_LOADER/QS_SETUP_V4.4.430.376_RE.exe

    • Size

      1.3MB

    • MD5

      d6f8b188f695d70af5dd24ad1bdaa6ab

    • SHA1

      128068815ab43adf372b1cccf9126e6003817467

    • SHA256

      d12508eb6d9d60e94b11b6a2dcc75ad4e6f7f11704694856e797800dc87828ca

    • SHA512

      2a82e8a081a3de7befed29b920baee792b24da4c17ef09d7afbeb4d3af41f6b7aa1ae88c5e19adf064d180586aaa0973cd4606b27f8220f292927a14be6cee90

    • SSDEEP

      24576:ktdAm9DUi/CR3wCkCiRgoG7hBaHkbEXXeG/jFtLzi3ZAiSLxenD1op42GbaNDRHq:cqTytRFk6ekfzUZAiSLxenD1op42Gba6

    Score
    5/10

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral3behavioral4

    • Target

      GS_LOADER/data.dll

    • Size

      2.4MB

    • MD5

      49dec65e16ecf52ba6d65d1359209381

    • SHA1

      237dacbc6570d9c9b4d919dfdbe9901bf515cc63

    • SHA256

      9ac097492073df0282e9161f61f794b1c06688b95be60d96f6233cbf8122e427

    • SHA512

      74e411215a44ba728bdb917501cbd1beb5e3bc2bd673f2a2912bcb6ceca48e41b8eb7ab9ecc11a85cf4f10ddc9605a77612cebf8aa4cd3679ffc7a0e14b100b3

    • SSDEEP

      49152:YCKmqan4No+mhH2ntXGbxbl3Uh/54rXmm3DRYiTKFxU2xsSOxO3RWFQ/4s:NR4cMMxZw54aqDOiesHcRa24s

    Score
    1/10
    behavioral5behavioral6

MITRE ATT&CK Matrix

Tasks