General

  • Target: HCED.rar
  • Size: 29.0MB
  • Sample: 230201-yfjb5sdd9y
  • MD5: 7df67409b2f02cab3ccd641a8aae338b
  • SHA1: bebb9451cfa6a0c93d89715b12fc3b8f221a6caf
  • SHA256: 1579322c6bf015cc6b29db5c958f8cb48cd7f27c44b63089dc224d3428b84d76
  • SHA512: ec870b0bf9c021dfd66d7c1ef9b81b2088e089da7b949cecc3d4ab2feb50408f8af6ef8d7cae71df00fdbf3e54abad9f36d81176748cae0a3d41b37c2b0af1c4
  • SSDEEP: 393216:FxT2/JA40ARjRY34lzRe21m4W1g8jnpEbtkVQ8NrgZSPFQbPgul2aRbXvJcgrb0/:FAJA40CmmReom4wIiQsXq52sIvasvq+b

Score: 9/10
upx

Targets

    • Target: Hyper Canvas v1.53 - Edirol/BLaCK+MuSH.nfo
    • Size: 4KB
    • MD5: 9b331987675552fb6b632f16468b8f88
    • SHA1: ffd1409cac565b321812068e54e3e78eaa68c2b8
    • SHA256: c0661fbc967722d46658cd9417167db3496a0351bc7871c2a5ffc3b74d0a8cb0
    • SHA512: f3d3051accee19fdf4c5e1a09b81d2440f552dedc2f3d8a1e269e9a4f80b4f9d7cb7b625cd0abae95243a9ab58ee36e5bb3d931935c57e91c0e79f301c51beef
    • SSDEEP: 96:mZtByAMajizg5UoUMCN6TsSsKbW7SK0++adIXFbq0d:mtyA6g5OtwTixl52bb

    Score: 1/10

    • Target: Hyper Canvas v1.53 - Edirol/H2O.nfo
    • Size: 14KB
    • MD5: 4738ed58afdb59d5b2d679a9ffa5ab2f
    • SHA1: ac8181e6711935a3521c454468ccb92fd2f51207
    • SHA256: 127059616675b75abc94f6b9c9f57f8d965a3cd5c186cec67e588d60dbc053b9
    • SHA512: 079d3ab0b373b95c20ba99fce7b546cd630b40fbb99a13608de9033ca3bbf436c043a3aec4ea207334c312ede0d848ce01d6cce6e60879c32af2e124ab025ab7
    • SSDEEP: 96:8zOu7lCFnReeZhCID/epnnabrEU9MV7Z+4BYVPiS0hzw7pXbymEh+nZ57EaBjSz:nnReeZgpnna3f+71Bsiihby3h+nbEaUz

    Score: 1/10

    • Target: Hyper Canvas v1.53 - Edirol/Setup.exe
    • Size: 29.3MB
    • MD5: ac12d4b42707b17973cf0772dcf5d8f3
    • SHA1: b732df348f85d79fc19b6300603169a747c5632a
    • SHA256: 3209f789ea1f96cc0036ef4acd95682d49907a4deee60728cdc1689ba7e3997d
    • SHA512: d1c3062e3f3127fe9aae883d1847cbe28d38b2b300e2508343e6536652a39d0aa2c3dd570dc063cbed43fbd87806d3ce611483e0f504e88b0c15ffa59f64c660
    • SSDEEP: 786432:zjSBy2j2/VrhOor1WgBRLpfxXytA4KH7+OtojVFmi:zjk2/VAkhLNyt8bSVFmi

    Score: 9/10

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

    • Drops file in System32 directory

    • Target: Hyper Canvas v1.53 - Edirol/file_id.diz
    • Size: 575B
    • MD5: 295872b2e844e929d64179d46d4feef5
    • SHA1: 48ed174f11619057a7ab37938c5540c1af11d262
    • SHA256: e2bc9ce7d92d075e52741625bf2ed691489a86954fbc3faacc0c35a18ec76c35
    • SHA512: 89b2478e129f57911f39db985002b9e476a8db89bb09a696b3bc0dd4185d3bf2aff1e930a281bb1e2ea96d68a6207ea1b02a7f81dc0f8607d8f79bc879da3e60

    Score: 3/10

MITRE ATT&CK Enterprise v6