ffe4fd32513e15308a09d962a9a13b197c4c7eadcda08c5162100c45b90c705a | Triage

Submit
Reports

Overview

overview

8

Static

static

LDPlayer_4.0.83.exe

windows7-x64

8

LDPlayer_4.0.83.exe

windows10-2004-x64

1

Sharing

General

Target

LDPlayer_4.0.83.exe
Size

462.8MB
Sample

230103-sc93ssbg22
MD5

f3257310b37b572a371c05dd0bb419ef
SHA1

6c9354a3bb7246af254f00b4adb01b556adc1e8e
SHA256

ffe4fd32513e15308a09d962a9a13b197c4c7eadcda08c5162100c45b90c705a
SHA512

c7377a493ebf6c6bdf2ab833b3814ae9acc8bd5fb26a3823f5f7dad0814deb9022af63a18e61f8cbb6b94b5588fc6a211f3e45975115ef67d55a03fccc5ac67f
SSDEEP

12582912:pJXl2nKPm5SbecJOq82k+HY2uYjxTCc5fjCDhSCne:92KjbRMq82pHYhgCc5Qc

Score

8^/10

discovery exploit persistence

Static task

static1

Behavioral task

behavioral1

Sample

LDPlayer_4.0.83.exe

Resource

win7-20221111-en

discovery exploit persistence

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral2

Sample

LDPlayer_4.0.83.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  LDPlayer_4.0.83.exe
- Size
  
  462.8MB
- MD5
  
  f3257310b37b572a371c05dd0bb419ef
- SHA1
  
  6c9354a3bb7246af254f00b4adb01b556adc1e8e
- SHA256
  
  ffe4fd32513e15308a09d962a9a13b197c4c7eadcda08c5162100c45b90c705a
- SHA512
  
  c7377a493ebf6c6bdf2ab833b3814ae9acc8bd5fb26a3823f5f7dad0814deb9022af63a18e61f8cbb6b94b5588fc6a211f3e45975115ef67d55a03fccc5ac67f
- SSDEEP
  
  12582912:pJXl2nKPm5SbecJOq82k+HY2uYjxTCc5fjCDhSCne:92KjbRMq82pHYhgCc5Qc
Score

8^/10

discovery exploit persistence
- Creates new service(s)
  persistence
- Executes dropped EXE
- Possible privilege escalation attempt
  exploit
- Registers COM server for autorun
  persistence
- Loads dropped DLL
- Modifies file permissions
  discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

New Service

Registry Run Keys / Startup Folder

Privilege Escalation

New Service

Defense Evasion

File Permissions Modification

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryexploitpersistence

behavioral2

© 2018-2024

Terms | Privacy