Overview

overview

3

Static

static

happytime-...er.exe

windows10-2004-x64

1

happytime-...er.exe

windows10-2004-x64

1

happytime-...58.dll

windows10-2004-x64

3

happytime-...58.dll

windows10-2004-x64

1

happytime-...56.dll

windows10-2004-x64

3

happytime-..._1.dll

windows10-2004-x64

3

happytime-..._1.dll

windows10-2004-x64

1

happytime-...40.dll

windows10-2004-x64

3

happytime-...rt.dll

windows10-2004-x64

3

happytime-...-3.dll

windows10-2004-x64

1

happytime-...-5.dll

windows10-2004-x64

3

happytime-...al.pdf

windows10-2004-x64

1

happytime-...40.dll

windows10-2004-x64

3

happytime-...pi.dll

windows10-2004-x64

3

happytime-...n.html

windows10-2004-x64

1

happytime-..._1.dll

windows10-2004-x64

3

happytime-..._1.dll

windows10-2004-x64

1

happytime-...me.bat

windows10-2004-x64

1

happytime-...al.pdf

windows10-2004-x64

1

happytime-...40.dll

windows10-2004-x64

3

happytime-...pi.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    happytime-onvif-server.zip

  • Size

    26.7MB

  • Sample

    230126-ddpqxscc99

  • MD5

    e467cd51e24061d20d89755c82521418

  • SHA1

    bbd34b3f39a47fab5046a7294d976dfdec7e219f

  • SHA256

    e95c2508bab20b1fb478a24d4c4a3ee75bec5e1b8e7a0c66928948cec30773cf

  • SHA512

    872ae2c3ec2206c6206cf56f9f308341330818b6c018011127e30a2539eaccf85898f01ff7798521f4b4c0ca4ee9bc4fbaa115393ba45e7e09f32c8b1d90983a

  • SSDEEP

    786432:Y5DAj0dVtLArNAXDYGEbnsISHxHjVLOqA:Y5VdLABAXas3LzA

Score
3/10

Malware Config

Targets

    • Target

      happytime-onvif-server/OnvifServer.exe

    • Size

      690KB

    • MD5

      7911bfcb943eca6efca09521f40cbfc2

    • SHA1

      9d530d1c312f1138199cf4af5b136d302cc87efb

    • SHA256

      07a40200b9471574bcd8ac7adae2fb7287472d62c6f2d992015f2f18a446dedd

    • SHA512

      19f3934cecbf3b719af04610314c23a37e4f68fb62bad77cfc9010717ffddf0e0f4491ec1a9057357d65d5ba47674b42e1f1e90fbd89f0b71e19882b9d8eba6d

    • SSDEEP

      12288:M15yepUy4dq182fLcF+YsC8MzyKyzcgiV0CA9O4o0d20:M15yepUhdd2fL/YsNrKYcge0CWnh

    Score
    1/10
    behavioral1

    • Target

      happytime-onvif-server/happytime-rtsp-server/RtspServer.exe

    • Size

      421KB

    • MD5

      6407f4bf0151d9e2c37f269813184166

    • SHA1

      691ecb58955ffe5d048afecd4794d6fa7464b361

    • SHA256

      f93223dbe6936238f7b749495612110f790fdb1553731a56544ea551ca313ac4

    • SHA512

      dd97fcefaacb11dc0697b80da17577d6e138d595086b26875a6050084a5f172dd403cdb7252f5714eea0cb7f8f021b8230ac0aa9de53d9c848fd8c125a18c215

    • SSDEEP

      12288:vn3d3BPo4vYtjDGe/EqtHm6/oXCD4rI6Z:vN3BPoQKieNth2

    Score
    1/10
    behavioral2

    • Target

      happytime-onvif-server/happytime-rtsp-server/avcodec-58.dll

    • Size

      29.6MB

    • MD5

      f6e03136925b2115c5bf16c3d350d9ed

    • SHA1

      4bbeee92496d3a20f266d297cdb58518bbfe0726

    • SHA256

      eed8c8a64549ffdfbc620b4ff6833e58b25d5c1123786c05fbc7be1f12743758

    • SHA512

      353008cfff9789986177c718bd6bbdb6184780c0e6b3d8f7f361314a6e8bff116bdbd79e94d8218c0bec73612adac7523876fc4e09e472127dc7947b193882cd

    • SSDEEP

      393216:YVbJv2NcGjFg23Xs0qUANf0//O5U0zvhkHxc3gSEkSa0Lpb/GdMX:YbKjHCkO5U0zpkHxcHwYdM

    Score
    3/10
    behavioral3

    • Target

      happytime-onvif-server/happytime-rtsp-server/avformat-58.dll

    • Size

      5.6MB

    • MD5

      cf1e91abb1caef4f0cb4a3f9c70b826c

    • SHA1

      d8da6c591b6d442b6c6341d3ecaa9a801f6b2634

    • SHA256

      fdfea194627b143ec81821bb7ebd461350cb1855f72c0eee8c735c19b478af7f

    • SHA512

      7574022ec574e5de1062e80423128e7bc1698b16a0c5b91255a9f7582cb46cca3b08ae416c6d41c4b0d53c7c0847ff8355be176c6fb05521167d90001fef55f9

    • SSDEEP

      98304:ByFLLyoBzl9R5Vr3jEx06Jz2kBtDR4BsZ/rSukHuCn73jTyReZZFloHEnKEECn94:ByFnyoRl9R5lAx06JDBtF4BsZ/rSukHg

    Score
    1/10
    behavioral4

    • Target

      happytime-onvif-server/happytime-rtsp-server/avutil-56.dll

    • Size

      653KB

    • MD5

      04aaeea12c475dfa1466941833a1cc86

    • SHA1

      43da5a8c0a2a922002d91280589b4dcbc906d293

    • SHA256

      3b7d41584f47295ac5f800c3481d5662519d8729720bffe77f53a0c5d9589208

    • SHA512

      6304a2aeb37cb32a0ff7e1c360a411fc38b4cdb08e085bb6a89f1e090a8ce5a0baeb203a6144ed6d5fbde63bd5a011d0df4f2a7b37c4517011c340ec195cf09f

    • SSDEEP

      12288:j+T88wHM+RsWJWYYzVzJnCOO5/vY75Ash6HM+RAJgAniCk:j+oPHM+RsCRYGDY9Ash6MJgAg

    Score
    3/10
    behavioral5

    • Target

      happytime-onvif-server/happytime-rtsp-server/libcrypto-1_1.dll

    • Size

      2.3MB

    • MD5

      c486defbd51fde81b73a06be6946846d

    • SHA1

      1142907127f1546cfcfa83f1891a5b29388d7bc3

    • SHA256

      2b370dcea98508fd8828da26c7f2535e2acab4dd818173200a3676b779a34ffe

    • SHA512

      707def234eba214ec8bce1a920954e38048995b9a82ed1b2ba2ec454595e8b4f02eb101470d462d73ed39704c0afe44bbb40c2e53df4d33c6c5effc595ec4815

    • SSDEEP

      49152:aQ1VVA2kTpvTDuW8VNd1CPwDv3uFh+0nU:aQ1Vu5DuW8fd1CPwDv3uFh+0

    Score
    3/10
    behavioral6

    • Target

      happytime-onvif-server/happytime-rtsp-server/libssl-1_1.dll

    • Size

      493KB

    • MD5

      2532c2db5b32af68448f56fc8b8a586d

    • SHA1

      2a28735220b1b7eb1e76ebda285b0209dccdca87

    • SHA256

      2498b09048c59941f6430d26d1847ef681e5e4638d07a7513e31a50eac543a8f

    • SHA512

      9e9ae6035f702e1c0dbdeba9b03cbca192fe75349f7d069ff45efccd3e670f4020f4cf4ee07a605df2c894f5658bd52283f6c204288e9220b400e1e81aace7bb

    • SSDEEP

      12288:BJ8sR6fYGsTRZ9vpHvG9ZiBgp/GidLzVaU2lvzXE5:B/Xsf8WaU2lvzXE5

    Score
    1/10
    behavioral7

    • Target

      happytime-onvif-server/happytime-rtsp-server/msvcp140.dll

    • Size

      439KB

    • MD5

      5ff1fca37c466d6723ec67be93b51442

    • SHA1

      34cc4e158092083b13d67d6d2bc9e57b798a303b

    • SHA256

      5136a49a682ac8d7f1ce71b211de8688fce42ed57210af087a8e2dbc8a934062

    • SHA512

      4802ef62630c521d83a1d333969593fb00c9b38f82b4d07f70fbd21f495fea9b3f67676064573d2c71c42bc6f701992989742213501b16087bb6110e337c7546

    • SSDEEP

      12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN

    Score
    3/10
    behavioral8

    • Target

      happytime-onvif-server/happytime-rtsp-server/srt.dll

    • Size

      457KB

    • MD5

      03afa01ad7b46ba39c48b8a81b162abf

    • SHA1

      fdfccaf04a392b76ac65170d707e3b67176a245f

    • SHA256

      17bd2f4eb133274f30285352718a33b57493e8bd504cb29f353fb9203b452515

    • SHA512

      bc2c3442e356ca99f07043a1b8a0b04a30111a546700ba8d7c6392e590ff520d69c1910be1cca28f9cdaf3ff183dc20681422bcbad793c97d72f1a605eb07ccd

    • SSDEEP

      12288:yOr4ebVIB0NrnxO9/0P9kL1PiOn2ZtuHAmV47T6B69uAa0PN5U84/hF0tLwJa5Vd:Xr4cVC0lOJmgZyciCwDgy

    Score
    3/10
    behavioral9

    • Target

      happytime-onvif-server/happytime-rtsp-server/swresample-3.dll

    • Size

      316KB

    • MD5

      4f3bd5b9c1b10a966908a1d1b0db7411

    • SHA1

      6c31e74d3cb2abb75f2ecee933c8544c484761f5

    • SHA256

      660e5963d0be63bdcea50e959c23fd93b8c25d582ff49e5af9e0fce84294dfe9

    • SHA512

      77b8357a249deba39fbf94a94c00d5f3e3ae861d58411c25278f144f3022ddca3c27bb21d6a6a89a4239dc89f2956b9a5083346a286a5469f3863bdb05260bd5

    • SSDEEP

      6144:NNfWE1yQKJdyKqIi3AhrX49fCWM1xiWs7hjy+NY9S+yCod7yHVWjtEjPFpHEP/nN:NNfWE1yQKJdyKqIi3AhrX49fsxuu89C0

    Score
    1/10
    behavioral10

    • Target

      happytime-onvif-server/happytime-rtsp-server/swscale-5.dll

    • Size

      501KB

    • MD5

      30a74b5dc5a7cad06c584f69d10eef7a

    • SHA1

      f814737706aea2c2803e24b423344a8a0e94fb26

    • SHA256

      8144506d22b54df61ad3684792d08c63cb151e6b8d32213cee224eb7d99747a5

    • SHA512

      02039264c2fb5ff0831868c73608bee52d5d7f9ab76896e1865a8c0571327fd378df98d7f198483e2bb8b526cba042e765e492427eb13b3c3a03f1692e603c4d

    • SSDEEP

      12288:tvwyqf/9FGgiw8ed+wya6khNyY6DRmx51JT6cZijgkiiMiiiiiKNrrrrrrrrjkiE:tYLf/9FGgiw8ed+wya6khNyY6DRmx51I

    Score
    3/10
    behavioral11

    • Target

      happytime-onvif-server/happytime-rtsp-server/user manual.pdf

    • Size

      621KB

    • MD5

      69f0e3df9c0584cfa85c8c4f4c1fc19b

    • SHA1

      0a6e4c7278c4838db8bdcf63e4df6bc37a25f136

    • SHA256

      52839702c964152208fb1f5ff57ec562de4aac781a851c5329708baf18e10578

    • SHA512

      b705bb4ea4deb00f8f5addbe7f11d6fb56286119730e452af82dc5d6a1f7a6c4dfa8818fc484fe7cdd7a4b57f6757ff19001434158ffe62b5d3c1862a7ea501d

    • SSDEEP

      12288:z49OejOz0AlS0mFvHzwU+xeqt66MKoyW2m835z1ThQYvqu+KbzHRIfJHFlhM9NEZ:MuC8pzlhQCnHKrMrd2nh

    Score
    1/10
    behavioral12

    • Target

      happytime-onvif-server/happytime-rtsp-server/vcruntime140.dll

    • Size

      78KB

    • MD5

      a37ee36b536409056a86f50e67777dd7

    • SHA1

      1cafa159292aa736fc595fc04e16325b27cd6750

    • SHA256

      8934aaeb65b6e6d253dfe72dea5d65856bd871e989d5d3a2a35edfe867bb4825

    • SHA512

      3a7c260646315cf8c01f44b2ec60974017496bd0d80dd055c7e43b707cadba2d63aab5e0efd435670aa77886ed86368390d42c4017fc433c3c4b9d1c47d0f356

    • SSDEEP

      1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86b+Ld:lw28V55At/zqw+Iq9ecbA2W8H

    Score
    3/10
    behavioral13

    • Target

      happytime-onvif-server/happytime-rtsp-server/zlibwapi.dll

    • Size

      382KB

    • MD5

      7b0fac1968dcc7627636f3d17682c71a

    • SHA1

      1a80eac3d98824f76caa8ac9a3040e802f05e26a

    • SHA256

      2ef3a3ca1c9b442048b7d00856f2dab69a7be8787cc6f26f2d554adb73ac545e

    • SHA512

      7d80cf5ce353158146c4cabdfabf2dc54c99badcc952029e3d20cb1a21ce0405b91f4ac9fbe29c20fd832da541faa33678d133e079f4faab20005dd70b9b5048

    • SSDEEP

      6144:GLVeNa307jXrapwILWL9pMCsVohOn81Za7PGW698TB5vC0Tzh:g36jALWL9OCmohOnqcGW698TPvC0

    Score
    3/10
    behavioral14

    • Target

      happytime-onvif-server/html/main.html

    • Size

      211B

    • MD5

      165811228c68f127aa1335dc8d9e6010

    • SHA1

      1350acaaa661a69a5c6a5dd42ab5e02c6f8aaaeb

    • SHA256

      f061c8e363681711007764f39d4fae6016bbea8cfff3b0ead53557af12aa7542

    • SHA512

      f5d0936da1dde39ce4bca68b2f84817963dbca738701046a3973672736e024f432863fe7ba8b3d43fd2804922205962db1aa9825a74faf6dd3925d2f1f02d463

    Score
    1/10
    behavioral15

    • Target

      happytime-onvif-server/libcrypto-1_1.dll

    • Size

      2.3MB

    • MD5

      c486defbd51fde81b73a06be6946846d

    • SHA1

      1142907127f1546cfcfa83f1891a5b29388d7bc3

    • SHA256

      2b370dcea98508fd8828da26c7f2535e2acab4dd818173200a3676b779a34ffe

    • SHA512

      707def234eba214ec8bce1a920954e38048995b9a82ed1b2ba2ec454595e8b4f02eb101470d462d73ed39704c0afe44bbb40c2e53df4d33c6c5effc595ec4815

    • SSDEEP

      49152:aQ1VVA2kTpvTDuW8VNd1CPwDv3uFh+0nU:aQ1Vu5DuW8fd1CPwDv3uFh+0

    Score
    3/10
    behavioral16

    • Target

      happytime-onvif-server/libssl-1_1.dll

    • Size

      493KB

    • MD5

      2532c2db5b32af68448f56fc8b8a586d

    • SHA1

      2a28735220b1b7eb1e76ebda285b0209dccdca87

    • SHA256

      2498b09048c59941f6430d26d1847ef681e5e4638d07a7513e31a50eac543a8f

    • SHA512

      9e9ae6035f702e1c0dbdeba9b03cbca192fe75349f7d069ff45efccd3e670f4020f4cf4ee07a605df2c894f5658bd52283f6c204288e9220b400e1e81aace7bb

    • SSDEEP

      12288:BJ8sR6fYGsTRZ9vpHvG9ZiBgp/GidLzVaU2lvzXE5:B/Xsf8WaU2lvzXE5

    Score
    1/10
    behavioral17

    • Target

      happytime-onvif-server/runme.bat

    • Size

      80B

    • MD5

      9bc36fe28b93d9cfaba18a9d62e0290c

    • SHA1

      7473639209534d61608054669fd89339a99547f3

    • SHA256

      5343847534e1fba2cb34e2a65520f5d8717c789363f08d12c82ac8e3a145b90f

    • SHA512

      5824c7fde4063c9502a612102fa2daf4556738b65ffd144482b25bda9e844efcdd996b6e43c1161f5d8b992da3c08a847a8f98d74685bc04feddb1aaa3df5603

    Score
    1/10
    behavioral18

    • Target

      happytime-onvif-server/user manual.pdf

    • Size

      614KB

    • MD5

      74d4972e7b8164fb864d98123c7f0ba3

    • SHA1

      c9be544b406aa92b101eb3db4e450dafee9a5ecb

    • SHA256

      80a1abf908ffd20fae0647c454f80798823e3510155194aea985b534ff9500c0

    • SHA512

      f610948816103167290c6104146ede14e6f111870f3e12abf79fba088b359e2dfc961b06636bc5f7c1bda70b21ba00458cf2d37a5637693d841d47f266e82db9

    • SSDEEP

      12288:6ZHW0GKnalwGY0EjEgGJyGWozenDko8RAHWpn0U7uPz55vPFPmRrXybzHR3:rsGJJl5o8RA2xUz5PPkXynHd

    Score
    1/10
    behavioral19

    • Target

      happytime-onvif-server/vcruntime140.dll

    • Size

      78KB

    • MD5

      a37ee36b536409056a86f50e67777dd7

    • SHA1

      1cafa159292aa736fc595fc04e16325b27cd6750

    • SHA256

      8934aaeb65b6e6d253dfe72dea5d65856bd871e989d5d3a2a35edfe867bb4825

    • SHA512

      3a7c260646315cf8c01f44b2ec60974017496bd0d80dd055c7e43b707cadba2d63aab5e0efd435670aa77886ed86368390d42c4017fc433c3c4b9d1c47d0f356

    • SSDEEP

      1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86b+Ld:lw28V55At/zqw+Iq9ecbA2W8H

    Score
    3/10
    behavioral20

    • Target

      happytime-onvif-server/zlibwapi.dll

    • Size

      382KB

    • MD5

      7b0fac1968dcc7627636f3d17682c71a

    • SHA1

      1a80eac3d98824f76caa8ac9a3040e802f05e26a

    • SHA256

      2ef3a3ca1c9b442048b7d00856f2dab69a7be8787cc6f26f2d554adb73ac545e

    • SHA512

      7d80cf5ce353158146c4cabdfabf2dc54c99badcc952029e3d20cb1a21ce0405b91f4ac9fbe29c20fd832da541faa33678d133e079f4faab20005dd70b9b5048

    • SSDEEP

      6144:GLVeNa307jXrapwILWL9pMCsVohOn81Za7PGW698TB5vC0Tzh:g36jALWL9OCmohOnqcGW698TPvC0

    Score
    3/10
    behavioral21

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

3
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks