ae4c8d37a496b43f8974ba8f07f708e22a9570ba0cddc3dc3a36edbccd4d2a20

Sharing

Copy URL

Twitter E-mail

General

Target

scrcpy-win64-v2.0.zip
Size

5.7MB
Sample

230614-p2cxtahd4t
MD5

a3ce018969f74c582a1bed96414b7512
SHA1

5d49185eff979a91a7747584f99745121321c6f7
SHA256

ae4c8d37a496b43f8974ba8f07f708e22a9570ba0cddc3dc3a36edbccd4d2a20
SHA512

42dd865a2cb3e39681529ed2a414cd40c8af79c95e6fb7e84a5c20bc83018c3ae4d3fdae48978b1124c05af974fd9e46c28d4c3f4833278ea22ad0f178ce6dda
SSDEEP

98304:gMYLDQ7ii2pshc973mRuXfnJal70T+9E0/3m5gB00MqSVkOhJWLFbAlpa8K1q6oH:JYcL2pV73mPFyuE0ehAOLWL1O21q6oH

Score

7^/10

android

Malware Config

Targets

- Target
  
  scrcpy-win64-v2.0/AdbWinApi.dll
- Size
  
  95KB
- MD5
  
  ed5a809dc0024d83cbab4fb9933d598d
- SHA1
  
  0bc5a82327f8641d9287101e4cc7041af20bad57
- SHA256
  
  d60103a5e99bc9888f786ee916f5d6e45493c3247972cb053833803de7e95cf9
- SHA512
  
  1fdb74ee5912fbdd2c0cba501e998349fecfbef5f4f743c7978c38996aa7e1f38e8ac750f2dc8f84b8094de3dd6fa3f983a29f290b3fa2cdbdaed691748baf17
- SSDEEP
  
  1536:Jwqdq+3pvspmLh8SCykrpTG7kfGHuNezq02XJqo+iFi1yCP:JwqD3L8Tezq0et+ui1y
Score

3^/10
behavioral1 behavioral2
- Target
  
  scrcpy-win64-v2.0/AdbWinUsbApi.dll
- Size
  
  61KB
- MD5
  
  0e24119daf1909e398fa1850b6112077
- SHA1
  
  293eedadb3172e756a421790d551e407457e0a8c
- SHA256
  
  25207c506d29c4e8dceb61b4bd50e8669ba26012988a43fbf26a890b1e60fc97
- SHA512
  
  9cbb26e555ab40b019a446337db58770b9a0c9c08316ff1e1909c4b6d99c00bd33522d05890870a91b4b581e20c7dce87488ab0d22fc3c4bbdd7e9b38f164b43
- SSDEEP
  
  1536:l72doFmOiHizFbPlspcsbj5ZsP+YeTs1p:lSSfN9+YeTs1p
Score

3^/10
behavioral3 behavioral4
- Target
  
  scrcpy-win64-v2.0/SDL2.dll
- Size
  
  2.4MB
- MD5
  
  e83a90b09e6274a9a375d73fd130850c
- SHA1
  
  90635404abaa143603a4d18a6555837e2f764673
- SHA256
  
  c2325ce01734ee1abe0f2a040d2ca8551012be3820a1fb2f32530d872df19517
- SHA512
  
  863c55f9e5e636006ec388d7b253ce896ec4c05a09a960dedb02610ed3dd01bbc213f7cafe63ad3c38aef70a899fc6d056c24305485798797171f7546dbe3c13
- SSDEEP
  
  49152:ETXOrRPZL6++oLQ+5QcusZK12XpQyod2mig5p47:68o++cc2B2pig5p47
Score

1^/10
behavioral5 behavioral6
- Target
  
  scrcpy-win64-v2.0/adb.exe
- Size
  
  5.7MB
- MD5
  
  9ec9f8110321541aa5fe9e77eeed1818
- SHA1
  
  3cf4b660050c22a08cc93cfd85b31fb4473190fc
- SHA256
  
  126562ac7f8bca87a68a088c84cadfff58745f00ef1aa1655cd62b0266c17d58
- SHA512
  
  dbaae34bd783677d006e419b983b7683f979ec6e6ea7a14732c4daf8d7e41c91cb01d7d2441a1f9c4569e35248f2a6e5bd04dfb794e8793b34da853c22acd777
- SSDEEP
  
  98304:XY7qti3PG5XoQT4lT4jN6L4uKxG9xNPDn:o2Q+VT4lT4ju4hGrNj
Score

1^/10
behavioral7 behavioral8
- Target
  
  scrcpy-win64-v2.0/avcodec-60.dll
- Size
  
  3.0MB
- MD5
  
  e50398267d35880d711df9647fe5dc02
- SHA1
  
  8bdd5dff1dd825e3b0c9985ae593cdd59028ba88
- SHA256
  
  2686b603a8544493d064449486175b910d79f11630489791d635a621149b9619
- SHA512
  
  fe4381faee9c89a2ec5c47340cee6100afcf6af381e6d742a48f02770a002f7acfb4d575cd9071f43ac2fcce12bbb723caae9f8688195a574aba7c7ed5ee4826
- SSDEEP
  
  49152:F8O062u2ygwDDAymr9mXl97KFCRWBg9HFTLRtJb+rJA:f0I9Xd9TteJ
Score

3^/10
behavioral10 behavioral9
- Target
  
  scrcpy-win64-v2.0/avformat-60.dll
- Size
  
  495KB
- MD5
  
  16b04703e965f7ef0619929f335f5346
- SHA1
  
  b905f8ff2a3d1f0e6a6c76831e124b70f3b6ca8f
- SHA256
  
  873072d1e592421784058486b6568cfc64e9a7d7354703d825c5c63c22051178
- SHA512
  
  02d78adbce07f8db7a0db20a677112526ac50157b464ae6b0b1869f6ce8622f9ad11c42f814d843e6ac1b808fdfd930e8e6fce6fcc38b447a27ae5367d895fec
- SSDEEP
  
  12288:F5R4sVoZX6Zz3Il0W+Q4ePKIo/SdEyiFxLGEiT:rRIZwuPKSdYjQ
Score

3^/10
behavioral11 behavioral12
- Target
  
  scrcpy-win64-v2.0/avutil-58.dll
- Size
  
  934KB
- MD5
  
  fb549fb8ac01e54e336e6b2dc51bc47e
- SHA1
  
  d69c3142f6c95e6cde2d7d76c3a064f44edeab1c
- SHA256
  
  0db8e0fd50b636958b303df5af377413b1d16b4f85fff20b53beeae4dd6f3109
- SHA512
  
  5a7511c57ef954d17eba7cf349fb71006a5e099112ed332cd364690d8a55ba906c903135aa465c7ec374624d0e09542a184a911162738b8bbc08ec31a2f9ad3a
- SSDEEP
  
  12288:gExniE7Yjo3bGyUnfpbqid0mVqOvPJyuCp34RM4uvQaMSJ1:gEhiE7B3bGTnfpuid0MtJE3zn91
Score

3^/10
behavioral13 behavioral14
- Target
  
  scrcpy-win64-v2.0/msys-usb-1.0.dll
- Size
  
  216KB
- MD5
  
  3eb215e257262f0fdd0cc0f25ed31103
- SHA1
  
  446148d5212a5ad2919771915506e8f6d2af9ad8
- SHA256
  
  cb2971f37f0d47c89ea1b5729f11cc9f4a8311ebfb8139521b667120b12a589d
- SHA512
  
  34a6d8746a6a3d5fc8e83d92999492a347835d9be392ececab08cc6e2f0131aeb869ed8a5af71e2c7679cefdb04d185344f709befe59df0201acd54a41ca1f8a
- SSDEEP
  
  3072:/xdSJruVOcVNE5OGE2zpt53/N291TKNWuLaOgTChdZBxV/4a:/vS0VOcVy5O8bGTTKIOaHidx3
Score

3^/10
behavioral15 behavioral16
- Target
  
  scrcpy-win64-v2.0/open_a_terminal_here.bat
- Size
  
  5B
- MD5
  
  98359f622a36689d7d76e00c28c5636f
- SHA1
  
  2dabc0389dd92cbe254a071958725d8ca7a2467c
- SHA256
  
  843758795a84d0d035a7d277ad29cc1ff1702048b4b61ae74b9e3439ae683423
- SHA512
  
  46bef76e29bc0ea93e15a32f275a7e0607d978da5e1390d2b336e99fa6531e598e4468c43660adb406ab85964e36b859d402314da4af8f17bc5cb8ab7df0676f
Score

1^/10
behavioral17 behavioral18
- Target
  
  scrcpy-win64-v2.0/scrcpy-console.bat
- Size
  
  90B
- MD5
  
  4cf35ee151e711be8d8d8ad5e4e929da
- SHA1
  
  7c8f5111c968b435dd64fb781806b6dc72a4ea52
- SHA256
  
  dc797a0ba51b42e3f965b5368adfa7accbd280aee8efa46f313b69ff8f403e16
- SHA512
  
  f33616df6a9dcc92b463a690928e88be65a229b72ad933243d4c56966ea44644e13df26faf170852a0ad79f6fa0cf22f44855a3c6b1990bac046940f3b2da5d2
Score

1^/10
behavioral19 behavioral20
- Target
  
  scrcpy-win64-v2.0/scrcpy-noconsole.vbs
- Size
  
  212B
- MD5
  
  a6adb14566ed94e5d80107aeb0fa5291
- SHA1
  
  4160262f99cc0d34573d6538001430f0c6f8c5ee
- SHA256
  
  3ccda94c161f18cef07c50d4d3c4913eb883d4b0fe3b939c35fae52784fb1d2b
- SHA512
  
  29540dfb671b71e3daec748a60324913028d236a458855f971d40a8ac41538c1636b94c6a31469f281419c8bd2f4e1cf8c9f16beb03fa005242c277e1dc08d29
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral21 behavioral22
- Target
  
  scrcpy-win64-v2.0/scrcpy-server
- Size
  
  51KB
- MD5
  
  5ea87ea427c3fd63965db46a18342794
- SHA1
  
  100cd7c71defd6473c55cd4b98bda177df4220ce
- SHA256
  
  9e241615f578cd690bb43311000debdecf6a9c50a7082b001952f18f6f21ddc2
- SHA512
  
  366e594ee87101635050185759eb03982b8749f1efe5c8f02d0fb5f60edfdacbd8280a183b872b1484648d2556cbde5abbaf1f3fd92a7f6f604181b9e81ffcde
- SSDEEP
  
  1536:89QK2Piu7qClkQ13b2Iu4YQNWRP2Ca+uMKJa:89QK2PhWy/30n1zuXE
Score

1^/10
behavioral23 behavioral24 behavioral25
- Target
  
  scrcpy-win64-v2.0/scrcpy.exe
- Size
  
  630KB
- MD5
  
  4d6c680202c8407ef795aaf816cf6796
- SHA1
  
  bcb1106d2bc1f56a4cce847ac8d1fa3df570c3fb
- SHA256
  
  a94bd1b33b809e8fd43c7f600ad0a077708f37a4ee95b07626c3eca054d0f2a9
- SHA512
  
  2407a93a99b5228c2bf0b494b4206dfecc46883ecae25ed5fc2c3a75f348b592aa5281f38019c82bbcd495a3189e09b8d4128266adb98a2ee5470ececba0d13b
- SSDEEP
  
  12288:HHNWvtvC3XQXroltQZaflpKhxbTXZk40jusCT:HMQ3XQ7oltcoKhZMjusCT
Score

1^/10
behavioral26 behavioral27
- Target
  
  scrcpy-win64-v2.0/swresample-4.dll
- Size
  
  123KB
- MD5
  
  4ca93ee35c70d934dd7bce6b504e6476
- SHA1
  
  7f5d6850bf564effc5bce24c599c74f158cc6bda
- SHA256
  
  b4247883a069663e48576115c4edcc114442a695ec876402e68293bfde138f0c
- SHA512
  
  c4b1b7faa059c27fa6cfeb0e2d4a5fa02f5caf426f3b7fcb9babd3599ede4a4228b20b71070142c3388a390acb5e1dd0a69733d2445bc386d718bb6b91cb9b22
- SSDEEP
  
  1536:THGj07Xwkt6PhcuBVruRDqJje5BNeoku+JKEjkc6id3t8mjoO6aaPPg:THGj0jwkt6PhtJ5KvEIZajmLP4
Score

1^/10
behavioral28 behavioral29
- Target
  
  scrcpy-win64-v2.0/zlib1.dll
- Size
  
  132KB
- MD5
  
  1daf87a334e32bc0813f7b494b53d258
- SHA1
  
  81fa9b20c8847162dffac9c733405db8c7e5688c
- SHA256
  
  5968380fd70941f53d36a2f6cc666f28240a32b03761db9c4c5256ac2e339638
- SHA512
  
  7729312ce5769b9f78807265df4f0a32efdfcdd3df2ef1fba303421793eb944758840db1777f03517223b69596934ad7b4efffa057563cd3c3e9d2e9d07f4d72
- SSDEEP
  
  3072:OVFUs57gm44/YmMHQ6tMah2tQoRYR5JvD93:OXtVgmEQ4cQokD9
Score

3^/10
behavioral30 behavioral31

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31