General

  • Target

    bdcamsetup.exe

  • Size

    16.9MB

  • Sample

    230206-2qqqrabe3w

  • MD5

    0ed1a2a9108dfd3683633cf26c4971a7

  • SHA1

    46bb8bf34f88968e149b824bd0020dcc413b7415

  • SHA256

    7e85b222d39049e22dc3ef0e4551680b36f8119ba0b3fabc429dbf1c5a50defd

  • SHA512

    3d3fe56ec0c160926e8bf52728535b759224830afd637e68d0fae61e0daadb053b69593e6ded46ac86f167547deb25d5ea5ad667aa03aa205d1dfa4598572703

  • SSDEEP

    393216:ttmeptEmcSXO8NBYfUORcvpfOjYZRwsQ8jNnA/W3ffhPusNfznm4h4:Dm+t6kO8UtRuGiI+q/W3ffjNr/h4

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger
