General
-
Target
b5902737cff8946ebc43771a47eca5237b2c6cdc
-
Size
17.4MB
-
Sample
230116-h5j2zafb31
-
MD5
7b1c74e08d42757792cb935800da1e75
-
SHA1
b5902737cff8946ebc43771a47eca5237b2c6cdc
-
SHA256
4daaba19d412cdf3838a0c373cdc9b7cfc26423723307482e4b0f946909c726e
-
SHA512
821978f8ae4f5397813adde7a52f8e9a1791e78b7d33a6825e4e6576ae3d0ffd3fdfac8f05bfbc0d0c84813991097e7c2a15f98c7e4b8eee19696466440eac4b
-
SSDEEP
393216:xsCdwI+MshEZaynVkpk/7Q8BpuiiJKhMFUV28tP33+NM4:AASICshMFE28tvuNM4
Static task
static1
Behavioral task
behavioral1
Sample
OBS/Configuration/About/UserDeviceRegistration.Ngc.dll
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
OBS/Configuration/About/UserDeviceRegistration.Ngc.dll
Resource
win10v2004-20220901-en
Behavioral task
behavioral3
Sample
OBS/Configuration/About/UserLanguageProfileCallback.dll
Resource
win7-20221111-en
Behavioral task
behavioral4
Sample
OBS/Configuration/About/UserLanguageProfileCallback.dll
Resource
win10v2004-20220901-en
Behavioral task
behavioral5
Sample
OBS/Configuration/About/UserMgrProxy.dll
Resource
win7-20221111-en
Behavioral task
behavioral6
Sample
OBS/Configuration/About/UserMgrProxy.dll
Resource
win10v2004-20220901-en
Behavioral task
behavioral7
Sample
OBS/Configuration/About/cs-CZ/WWAHost.exe.dll
Resource
win7-20220812-en
Behavioral task
behavioral8
Sample
OBS/Configuration/About/cs-CZ/WWAHost.exe.dll
Resource
win10v2004-20221111-en
Behavioral task
behavioral9
Sample
OBS/Configuration/About/cs-CZ/cdosys.dll
Resource
win7-20220812-en
Behavioral task
behavioral10
Sample
OBS/Configuration/About/cs-CZ/cdosys.dll
Resource
win10v2004-20220812-en
Behavioral task
behavioral11
Sample
OBS/Configuration/About/cs-CZ/comctl32.dll
Resource
win7-20221111-en
Behavioral task
behavioral12
Sample
OBS/Configuration/About/cs-CZ/comctl32.dll
Resource
win10v2004-20221111-en
Behavioral task
behavioral13
Sample
OBS/Configuration/About/cs-CZ/comdlg32.dll
Resource
win7-20221111-en
Behavioral task
behavioral14
Sample
OBS/Configuration/About/cs-CZ/comdlg32.dll
Resource
win10v2004-20221111-en
Behavioral task
behavioral15
Sample
OBS/Configuration/About/cs-CZ/fms.dll
Resource
win7-20220812-en
Behavioral task
behavioral16
Sample
OBS/Configuration/About/cs-CZ/fms.dll
Resource
win10v2004-20220901-en
Behavioral task
behavioral17
Sample
OBS/Configuration/About/cs-CZ/mlang.dll
Resource
win7-20221111-en
Behavioral task
behavioral18
Sample
OBS/Configuration/About/cs-CZ/mlang.dll
Resource
win10v2004-20220901-en
Behavioral task
behavioral19
Sample
OBS/Configuration/About/cs-CZ/msimsg.dll
Resource
win7-20220901-en
Behavioral task
behavioral20
Sample
OBS/Configuration/About/cs-CZ/msimsg.dll
Resource
win10v2004-20221111-en
Behavioral task
behavioral21
Sample
OBS/Configuration/About/cs-CZ/msprivs.dll
Resource
win7-20221111-en
Behavioral task
behavioral22
Sample
OBS/Configuration/About/cs-CZ/msprivs.dll
Resource
win10v2004-20221111-en
Behavioral task
behavioral23
Sample
OBS/Configuration/About/cs-CZ/windows.ui.xaml.dll
Resource
win7-20221111-en
Behavioral task
behavioral24
Sample
OBS/Configuration/About/cs-CZ/windows.ui.xaml.dll
Resource
win10v2004-20220901-en
Behavioral task
behavioral25
Sample
OBS/Configuration/About/cs-CZ/xpsfilt.dll
Resource
win7-20220812-en
Behavioral task
behavioral26
Sample
OBS/Configuration/About/cs-CZ/xpsfilt.dll
Resource
win10v2004-20221111-en
Behavioral task
behavioral27
Sample
OBS/Configuration/About/cs-CZ/xpsrchvw.exe.dll
Resource
win7-20221111-en
Behavioral task
behavioral28
Sample
OBS/Configuration/About/cs-CZ/xpsrchvw.exe.dll
Resource
win10v2004-20221111-en
Behavioral task
behavioral29
Sample
OBS/Configuration/About/da-DK/WWAHost.exe.dll
Resource
win7-20220812-en
Behavioral task
behavioral30
Sample
OBS/Configuration/About/da-DK/WWAHost.exe.dll
Resource
win10v2004-20221111-en
Behavioral task
behavioral31
Sample
OBS/Configuration/About/da-DK/cdosys.dll
Resource
win7-20220812-en
Behavioral task
behavioral32
Sample
OBS/Configuration/About/da-DK/cdosys.dll
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
OBS/Configuration/About/UserDeviceRegistration.Ngc.dll
-
Size
248KB
-
MD5
dca6f4440e5ec8a619eae7cff004d3bd
-
SHA1
e20ca06144e249ac3ceaa5e973e30800f83f5866
-
SHA256
0002c82c3c7f54fd6c1ae77ecd1e49fd4695e79b3bffb687aa55b5b79b5f903a
-
SHA512
2930638c3b6bae7a59972963cb24836ecb7e6529110738791787ebe060648181e68e98a70d54fb738a9937bf9a947742093917b8bbfab0a314d9097a0d8bb5ef
-
SSDEEP
6144:kpUkcY8/eXar95fRYL1PIC+k6crKnsGfL51YnFA2OJ4sKoj:kmz/3BBR41QPyrKjfL516snj
Score 1/10
-
-
Target
OBS/Configuration/About/UserLanguageProfileCallback.dll
-
Size
59KB
-
MD5
2ef1eff30a933f22c58c3a292e8e7d92
-
SHA1
d2aa9b8a3e1fc694b784ad765cdb34e99440b043
-
SHA256
57397bb0a9f4b6f55c141b0e9f7cc360cd0d69c4b1e48e683150d04c98acefdb
-
SHA512
80cc9cce61f3278d28ddbff287d23bf103343e5ece361f4d76ba9bcc4b5144e6679f67a9bbefe3616cf5b6e6efb4e0df2bb6dc3dd664131a7afb5ed328cb85ca
-
SSDEEP
1536:aygogGW9CXqIxU7rWwG4NB268BHLO+zpktrwHpATBJ:KnRBlrWwG4NB26EC+zpkRwJe
Score 1/10
-
-
Target
OBS/Configuration/About/UserMgrProxy.dll
-
Size
275KB
-
MD5
f22ecae2e79eeb94c51a16ab42d3525f
-
SHA1
57451745ae71e2fa290924d5105dfb7394b65944
-
SHA256
bb259c649d501159d9b40558ef5d2c6bc0d8211c1ba4dbb9c94a28f8d5f58259
-
SHA512
a619f8ae06099f7b924175fb050beeff2d099e0f7b1161ac5723b874b5381825d2767f72a588ae211cfbaa1d676b81e3172572a70fed09b42e74e3ba992cd296
-
SSDEEP
3072:BPav24GoaUgMck/d1LtmglPMBhADp7l9iyc3Jl4XmBn+R3pQVZE66M4ogYNVU:BPabGoajMck/d1LFiBhhYpQVZDT3
Score 1/10
-
-
Target
OBS/Configuration/About/cs-CZ/WWAHost.exe.mui
-
Size
21KB
-
MD5
ac29d148d51f0ee691d470da3101a0db
-
SHA1
cbf27ce221f7555484690b5e35d9c681ac234877
-
SHA256
8a5dfc78afa6ca069847372931c496749cf67a0237af0c3a652fb1cbea03b5e4
-
SHA512
52ffa95f9ed1a8cb21ead52cd231cc4e0e0fb4290993afcd5dfedbfd7befe908c7ce1af6b60c90b562afcf766dc9e918a779b6154dcf67325e591d8337680166
-
SSDEEP
384:ii+fXuHfk62uqbW11MQQp291upxoD7zS+UShOn59oIfkZpbI5QibOdNm6JWxf:iiEs1VQYzUSGcgf
Score 1/10
-
-
Target
OBS/Configuration/About/cs-CZ/cdosys.dll.mui
-
Size
47KB
-
MD5
245f1af6417a3ff71e10d02d45cf7601
-
SHA1
3ed49143295810e443e06106d373564a79030b74
-
SHA256
dfce25a3f3c723d068ec019fcf1ec764ff916f562b77cee61214afe3c94e3d10
-
SHA512
bd9df721a678ec62d0de39950d71e6268389b9b9957365d771ba416baf93ae8638e2537fe0ac14828ef01d500415a1017740bcb967640ba6d76a904876b47f6b
-
SSDEEP
768:R4aJ6iDjyUcEsx7fNXjTV8PszW7yYsznPy3IhWSzjfQNjeUBe8BVYhIAAInmVLHj:R5J6ivyUcEsx7fNXjTV8PszW7yYsznPg
Score 1/10
-
-
Target
OBS/Configuration/About/cs-CZ/comctl32.dll.mui
-
Size
6KB
-
MD5
264ad7f703050808a3980af85a406724
-
SHA1
e22c19a360cd32df0a3e264d246b02f09ac936c5
-
SHA256
9a946ab3ed71b6c50184018a8779027f8aa8e892a5cb4a795e4674ecfc2c7b2b
-
SHA512
8e85d18f64961cb13813fd02f014c4e722d12eafb8229f46b3f7b7814b94b841d035a247f58a89363a6b1ca7802a34a99b18aa268f79b0cfa4797126b7ec9de9
-
SSDEEP
48:yt/gzOeu+sfGogiAE+fdncS9psp2o0phusS6QSGNMtfs68mmoG4LZWsu1AOJwbxK:A/PzAEyaS9pspULz2eSB4NWBA0Px
Score 1/10
-
-
Target
OBS/Configuration/About/cs-CZ/comdlg32.dll.mui
-
Size
57KB
-
MD5
9883c6cceab64e9d2758c2482de3dd27
-
SHA1
c42e6e7f0a145b9cc068beadb81e3d6878d45dcf
-
SHA256
96da9c37c5f43e54ed9507d42f8edcdea9615decdb5f2557e87c5b7c4a5c859c
-
SHA512
0514fbe2fe02396734c2282295d498d01990814eee5d86c8c9fbc01b4fbf4d07e9a7055d2c5049aeae70912b5c09123f76f1eaeaf29d92338e4b99540d19ba14
-
SSDEEP
384:wYBQKh/Lj/PJ5sa/WSeKQ4vUbXLiI9gRFQaz3OvxCCkT3Cj6CmCMThtTmCtt6vlg:wYfZ/PJ5G4vPR27jfL+tt4AbsdsfDNx
Score 1/10
-
-
Target
OBS/Configuration/About/cs-CZ/fms.dll.mui
-
Size
14KB
-
MD5
6c9ef9be12d3dff8516a977039d38f42
-
SHA1
350c29c78f13f112448f00a0773a4357d20da632
-
SHA256
d900b2ee80feec5175d004a3426deebdc66fedb352006f673d257f23521c6636
-
SHA512
f8e7f5f8e0855d43b090d959d3c558d2a5e316cf883033bb81ec8ed7738be2368ae5d38bc56a9045373ab7072d840bf417eff2274eab3a662a5da721021ef482
-
SSDEEP
384:mrJ9xN7zIy001KnWj9ztiGikifwxMpV+gWKK:8xyK
Score 1/10
-
-
Target
OBS/Configuration/About/cs-CZ/mlang.dll.mui
-
Size
18KB
-
MD5
2bb79c98a1aa4279759cdeee4429af15
-
SHA1
e66dfadcfdcd64c9c4c1669c7f39986154f08336
-
SHA256
a543df3c26cb619ab2eba72f7ba52a1168743517481ef14708e16be30686b411
-
SHA512
77e71d30b53a59d007d3d96b910e0c63d4f9ec644027399789261253aad789bfb0f7446e4b5f36c137a1bbcec65ad6d5477b89df023ff3f64b0a323b0c731a67
-
SSDEEP
384:shPjqMeu1ExXKhGadEG62SNAMpL3O9uC321WnZ:gLquWKhQd4Z
Score 1/10
-
-
Target
OBS/Configuration/About/cs-CZ/msimsg.dll.mui
-
Size
83KB
-
MD5
ae808047c18271d26328f3dd9c3f3164
-
SHA1
caf78c53aa4472a7bef7852addad66e60d318f4c
-
SHA256
1eb044d8695e01f56823fba5b7dbe82adf5ca74aeacc2e0b3678f4bcb0294fab
-
SHA512
02fc74cb509014e83dc6759199d085bb3f53c92656429b0fcd3209a093f8e1b3e64de5540a6ad1f53a434c88faf871d521ee4b1c44a23cdbd2d0c663567444a7
-
SSDEEP
768:VQgRiKgSRi5ZOB7dnOO6j/8e0edPrX/w51i4TJH:dRiKgSRiPOBhOjjEe0eAH
Score 1/10
-
-
Target
OBS/Configuration/About/cs-CZ/msprivs.dll.mui
-
Size
5KB
-
MD5
7d4f6c3cdf91c4d7ee0b77d7397ef399
-
SHA1
3aafc4a4730328724e33599ed5922a2aaec4ff47
-
SHA256
6d01c46a5e7e5f4334c8caaa7b105b9b349831443f25b20cfb569f6531e50eb2
-
SHA512
beb6c6d6dff9b1679c482807b75028f9ea798f51b3a75b2b3d8cf77db8ca4f9152158ee8321c1cfe29e722cb2eddfe4b9045b49dde3ba4c245f3582985e222ae
-
SSDEEP
96:UgEME7BVd1zWWmVeeu6EPvj+xt+kNZnjo/nKU5suve4NWPw/8:UxMgVOWmAao+xBNlo/JeqWPw/8
Score 1/10
-
-
Target
OBS/Configuration/About/cs-CZ/windows.ui.xaml.dll.mui
-
Size
16KB
-
MD5
60d121f438f6e39a1b4a730305732aa6
-
SHA1
fce026e06ce0f9a1c370d9cfb6c97c65974b453a
-
SHA256
2a9f8ab072e55791920c37b9fcd8a9bcffe85a0f1920c5d956fda4403650efa8
-
SHA512
0cc3016c3261b242111f7bc5c2ab806c429938cd8acd4a22fdf9e2842dac6de3ba262f00a6b76b2328061f62afb36b93fc90f4531ab4c444a17dc6f4db5927f4
-
SSDEEP
192:rwFmH0txornhVvB+utxmORGcfI8lNVbizcXV+4ZBRywt2kgp5P6E+Xe69wXW13b:imux4nvB+utxmuhfIw0cF+4jlHuMUW1L
Score 1/10
-
-
Target
OBS/Configuration/About/cs-CZ/xpsfilt.dll.mui
-
Size
2KB
-
MD5
1a8e367051f29e528d142ff4825411b3
-
SHA1
d617b3e1e70ea163faa4aa7fd4857cb826440407
-
SHA256
f41c05ef0f7b0b64782211bf97e296967d32524b8c7a9d57250c50b766e530db
-
SHA512
caaccae934a295434c664533b2999f8a7ff37592f7cd28574b031af44e1001baf168fb079c10edab924e405b0b12243351ca50445dc7c83ebc74cadd7eaa629d
Score 1/10
-
-
Target
OBS/Configuration/About/cs-CZ/xpsrchvw.exe.mui
-
Size
85KB
-
MD5
c82b3269ff1c820ea42ecaca0d64d9d3
-
SHA1
62b133c00dbdbc5a44b2eade2581c12733a08c2c
-
SHA256
3e2ceba1c4375e1acb81452201e8157d85f5f54c95905041f66162eb2ea7a521
-
SHA512
121a746968ade5cd88588ed780329cd9726c174a1097452161efd13d420839866cb783b5b0257a195935bcd1bfcd5ca74367c20d86b47cb02e412bdec9ff7e15
-
SSDEEP
1536:05loJUQI+r5iAI8QdDpdHf0cdF57KIQ7B8j520ags5VyB9:05loJUQI+rov8QdDpdHnd7+y9
Score 1/10
-
-
Target
OBS/Configuration/About/da-DK/WWAHost.exe.mui
-
Size
20KB
-
MD5
daf094a75e2a69f02bd7b1763654932c
-
SHA1
03e789ff7c1d16c060e1a578b7060790e984063e
-
SHA256
bafeceec460bf582db34e081b10eb9bb6d72bb4ab8f21b0b3308abd685da3660
-
SHA512
21ad4093b55d1ad76c68e86f8b90f38320eb2aa7076ef3a157997c0b505a2d0857f5fd737b513eb2a906ebab1a4ca89e87ebdba22ed826e4f1917aec4ffec940
-
SSDEEP
192:LZKApzPQ/n+GjY+1WGMMJ++GXYhn4+eeDGryI8SWt2gDcVW5+AWSUNwJWQ:9KOE/tsMVnfg8SWpDcVWYAWSUNwJWQ
Score 1/10
-
-
Target
OBS/Configuration/About/da-DK/cdosys.dll.mui
-
Size
47KB
-
MD5
d0720d39f722d65069e796556f4ef0cf
-
SHA1
95db150585855c48c6def31f4973a8df1f31bad4
-
SHA256
5b825dd0b710fa99703e741bff6528fba8a85a5df5a0399ec5d0bef3b4785b0f
-
SHA512
6c02f490c71338d369185fc828606f31fe5346b7fc80b8e58f59aedac2cb30cb80e1d151375e6c0c477ecdd9d8b8fe263363774ff18ba371f38481f0500cf53b
-
SSDEEP
768:0ss3J6iDjyUcEsx7fNXjTV8PszW7yYsznPy3IhWSzjfWFVUe8BVYhIAAInmVLHPH:FkJ6ivyUcEsx7fNXjTV8PszW7yYsznPN
Score 1/10