Overview

overview

7

Static

static

3

برنام...32.dll

windows7-x64

1

برنام...32.dll

windows10-2004-x64

1

برنام...32.dll

windows7-x64

1

برنام...32.dll

windows10-2004-x64

1

برنام...iR.url

windows7-x64

1

برنام...iR.url

windows10-2004-x64

1

برنام...am.exe

windows7-x64

3

برنام...am.exe

windows10-2004-x64

7

برنام...ib.dll

windows7-x64

1

برنام...ib.dll

windows10-2004-x64

1

برنام...er.dll

windows7-x64

1

برنام...er.dll

windows10-2004-x64

1

برنام...ce.exe

windows7-x64

1

برنام...ce.exe

windows10-2004-x64

1

برنام...LL.dll

windows7-x64

1

برنام...LL.dll

windows10-2004-x64

1

برنام...er.dll

windows7-x64

1

برنام...er.dll

windows10-2004-x64

1

برنام...ib.dll

windows7-x64

1

برنام...ib.dll

windows10-2004-x64

1

برنام...57.dll

windows7-x64

1

برنام...57.dll

windows10-2004-x64

1

برنام...-6.dll

windows7-x64

1

برنام...-6.dll

windows10-2004-x64

1

برنام...57.dll

windows7-x64

1

برنام...57.dll

windows10-2004-x64

1

برنام...55.dll

windows7-x64

1

برنام...55.dll

windows10-2004-x64

1

برنام...-2.dll

windows7-x64

1

برنام...-2.dll

windows10-2004-x64

1

برنام...-4.dll

windows7-x64

1

برنام...-4.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5d1fbc2c82744a54fa30335e89501451b37b79bf6050dac4c263ccaf0182e7e2

  • Size

    11.5MB

  • Sample

    231011-j61a1sah5s

  • MD5

    78cb11dcc623fa9e8a3e083a069d8095

  • SHA1

    5980c1525c1f7916442ea18f23eb4aaf80ffab32

  • SHA256

    5d1fbc2c82744a54fa30335e89501451b37b79bf6050dac4c263ccaf0182e7e2

  • SHA512

    5749fb0f8eb8186bf51f3f4c97213c4a7ab3a434ae503b45440fd2c8716383305a9396aafa3f444b988d6c62126479f888bd86f34701ace25d6a44880d69378f

  • SSDEEP

    196608:4aJoyJX6Of4ohEQS2F9ONCDzCqqNinpKBCe/BRkhQ/CB/BM46sArXf/HvUwa6g4v:41yZfq+F9OIC5NUpKQSBR4Q/CB+hv/Hp

Score
7/10

Malware Config

Targets

    • Target

      برنامه پرتابل اوکم/oCam.515.0.Portable/App/oCam/LibSSL/libeay32.dll

    • Size

      1.3MB

    • MD5

      abef7052e350db0c7882cfed969066e1

    • SHA1

      0ba8fda273f2fd9900a6ddd926d7630c732d5aaa

    • SHA256

      5b4e6e7ff551a2a48f1bab0ac27421930a6215a9f5e52e95297c8ba31484d1f5

    • SHA512

      547edd7721f0927c3663f04d9af41a9241945a8dfa39611596d9fc0200e0efff0a992453dc2e8590aab9d943a2e7f1b20e586f860f240d74b124b4d4ef48d4ad

    • SSDEEP

      24576:VKOo+KpPlQax5g0mOn9+4bCNu/igvfcGAwyvWEyeDpoYqKkHVQDr:YdQumibku/igvfpAwy2eDpoYqJHVQDr

    Score
    1/10
    behavioral1behavioral2

    • Target

      برنامه پرتابل اوکم/oCam.515.0.Portable/App/oCam/LibSSL/ssleay32.dll

    • Size

      330KB

    • MD5

      9b3921b65e656fcd9d27423f8283033c

    • SHA1

      09116270a301bfb387134e87a74bb12def259817

    • SHA256

      89dccac92bc457b9180c0389b824aacebf4a934ee2f0b37f4a6e3865799ecc6a

    • SHA512

      fa3c409faf9b23e89302f214d3f0376a293ba0b4c0ccb5acabb6a4044b233937e5b1fd73951a49edad5c30311eac9bf1c7e2e14174b33ac31642f70d6d61ecc3

    • SSDEEP

      6144:0CpdTpdrTR4ahwcdSx5jtF1b4FoXYJzf1/2Wvy3L0fw8aHN/GpuPmYwwGZ6VGbKi:0CpdtdrTR4ahwcdSx9tF1bCoX4j1/2y5

    Score
    1/10
    behavioral3behavioral4

    • Target

      برنامه پرتابل اوکم/oCam.515.0.Portable/App/oCam/Soft98.iR.url

    • Size

      202B

    • MD5

      3ddf222b0633a83ecd9f4dd34f1d3fd3

    • SHA1

      66cd0d6b22af41cc99a87e7dda2605857f17cb37

    • SHA256

      cd49c8c8a991a045e07e301c17735760a6c0c4ef533882c48a7f1d9af6fc8582

    • SHA512

      ddc1d3cd6f07bc913b0907188ec03f35f4e4f7ba67072317d4c9597e90fa29843b28bb12ff95495b1e4cde4112100dff417dce8e49ea82e0fc4d9b3e3171c010

    Score
    1/10
    behavioral5behavioral6

    • Target

      برنامه پرتابل اوکم/oCam.515.0.Portable/App/oCam/oCam.exe

    • Size

      5.1MB

    • MD5

      25697efbe987c25343a4432349313a43

    • SHA1

      7cd8f268da7b15ee55ca9c9d34e5162cca0bb82e

    • SHA256

      0d90170dcef65367c1cb2a374953024a5c2c315292be07860ff1a6f3ee54c0ab

    • SHA512

      41dfa45f387769cfc47d16f123d02c651b0bd65de6aa0c85a8ed58b11adda72fe6145b3074d81c0a2a39e13829737a8ea165d6d20c02e264bd937b47c78764c3

    • SSDEEP

      98304:fUx3WE82tEE7ubaK/kE4C8sSskaRRRRRRRvx:kx8gTKSC8sSskaRRRRRRR

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral7behavioral8

    • Target

      برنامه پرتابل اوکم/oCam.515.0.Portable/App/oCam/v515.0x64/CaptureSoundLib.dll

    • Size

      232KB

    • MD5

      b0d5e90fa7674213f82a98da807c288a

    • SHA1

      2c739ad49c1a829138adbd769e9594b3b797c3b7

    • SHA256

      c1ee84b5918f67edd779b4be73aa6c1c4db57ad3839fe6c073aa7a97c22675ab

    • SHA512

      bd44450b0b5cf06178fec77973d3dbc0358526c3f6a126fafd2c38323b71193ebbad853d946d8d406f1749f1fd7da9ed1f72c3bf6337266f8c2b1b78b75a6de9

    • SSDEEP

      6144:zoKKg5usH13TI+G7TyVjQvRc5RDh4hmyR4aZP:Ag57H1sj7HRcmhH

    Score
    1/10
    behavioral10behavioral9

    • Target

      برنامه پرتابل اوکم/oCam.515.0.Portable/App/oCam/v515.0x64/FFMpegEncoder.dll

    • Size

      2.0MB

    • MD5

      0113d03555a875ebf2fdd977ec7c82dd

    • SHA1

      94ae260b16d85090881ffe0b79595ff19b8549d2

    • SHA256

      ac3b3274eae0ac51cf31f335ceed714097213dc4dface001c892596da7dc9fa3

    • SHA512

      e5f05406ed61bc9a7456cb97987750e63924766a6ddbb4d8b49226adf9d73c3af02ac36953fe1801b8e935423c4043709e6525c14bd5ffbf635eea38b5873a8c

    • SSDEEP

      49152:60Nmvh9EGM2W9ZUh5fDXLUNiHlX4vGOx/PZW2ip:Kh5i9OZfh14K

    Score
    1/10
    behavioral11behavioral12

    • Target

      برنامه پرتابل اوکم/oCam.515.0.Portable/App/oCam/v515.0x64/HookSurface.exe

    • Size

      217KB

    • MD5

      ca13316b6bfdc53d2e6556af978b0bb1

    • SHA1

      49201a62975518c0bc6b4d17440882dd86438372

    • SHA256

      42cddd140b74d014c34fe84f40390cd4367418378e52e185307e737c5478dd60

    • SHA512

      3ee3c5050c03a7452f7e81ebffc4ece1d96646573978cf4a5aae82c08cba57287375046bc167ee18cd6d3c13c39f18f9510c5edde413d7a23f2e1b89d405308f

    • SSDEEP

      3072:UTjTRJcVEzLLsq5ghmvgNKKRutYyvmmoHYggzLw6+WQ5E7pvNT0Oi0T:kT8Vw/5ghjNgNvvoH4zc6jQ67pv6MT

    Score
    1/10
    behavioral13behavioral14

    • Target

      برنامه پرتابل اوکم/oCam.515.0.Portable/App/oCam/v515.0x64/HookSurfaceDLL.dll

    • Size

      1.1MB

    • MD5

      74267b42fb162149fe70c717d9e58193

    • SHA1

      28c2ff94c78a2ed71e002e12c88bd68fdaad306b

    • SHA256

      1e05c6612d1c7531b6a5678e24a76623cd7abdbb9dcb57deba902459bd31f0a2

    • SHA512

      072bebfdd62a83bb2631af9202e5570aa669c28eab31a2358173196dd381a179bddd0e4d245b3f910b8ce715aada38eba7c010c41699dcb92a22c1524301f820

    • SSDEEP

      24576:wwUdws4iCLnySbTPcoSQtJMVYz5idx+ewrmVI8yJq32rLZydt25KgQLx/:wasmLyWTPErO0x79VfmrLZTFMp

    Score
    1/10
    behavioral15behavioral16

    • Target

      برنامه پرتابل اوکم/oCam.515.0.Portable/App/oCam/v515.0x64/ScreenCamcoder.dll

    • Size

      3.7MB

    • MD5

      b8f89b5d9a9ead25a7aa1568647b074a

    • SHA1

      0f33ebf54fb932eacd220f15d6881ac9348f02f5

    • SHA256

      11fc0aa323cb79b75c9354c7e52e3bfcfdecead75245e1575fd7b16826ef7803

    • SHA512

      7557fa84a4a6eebec190d0ddb2db1219f4f2127ec3c95a1f3e7c29acb8074d3670355c0f5ebeabb4a733cdea585c2d1dd7ecd808f32f156bffe5654b371d30ab

    • SSDEEP

      49152:YCsvwj91jLNzJgGSRontPx7oeoCAuxL91ySGVzhi8OyChT1x7QXO6:H3qAoeo4LNTa

    Score
    1/10
    behavioral17behavioral18

    • Target

      برنامه پرتابل اوکم/oCam.515.0.Portable/App/oCam/v515.0x64/WASSoundLib.dll

    • Size

      249KB

    • MD5

      621b0f20f29661ecd08c182d2dd9c80d

    • SHA1

      547c5522817ac338c26806099804043877094126

    • SHA256

      a57df5b941b4ac9da63b758a9e7b134458da37dfbc6987c1c610a83f44cf7022

    • SHA512

      9cebc94c25f00f8af21bdf3dff0d689b340b1d8a71770498643a1fb485a7e3af6f71787a04cd9956a6b24fd05710efab2680a2fa26bd5992973e802cb53b08c2

    • SSDEEP

      6144:MosEnUKHkN5PTvL3qB/NMoEj7hsq07aYId:tsERHkNxyEHhs2T

    Score
    1/10
    behavioral19behavioral20

    • Target

      برنامه پرتابل اوکم/oCam.515.0.Portable/App/oCam/v515.0x64/avcodec-ocam-57.dll

    • Size

      1.9MB

    • MD5

      b18ec2875bc4f104c68f323c7549bfa0

    • SHA1

      28149063ba67246d6c02db0be24a367d2e8316ec

    • SHA256

      d0eff5211c5064f84110460f81f4dbf2e1166dbc111b21780e29cffac3d57a54

    • SHA512

      0ea31d17f4ccb97db981aaf9c23395a674252c253ca74a0dcd846c3ad6a14d247a1871a693e321ad62d7a4d328637cc365522dccb847da30ec3ed4ac50dd5a69

    • SSDEEP

      49152:5ukP1VAVz+msab0lPYKurnFevyr3ITd7RjC6qrycHd:fA+O8RZcHd

    Score
    1/10
    behavioral21behavioral22

    • Target

      برنامه پرتابل اوکم/oCam.515.0.Portable/App/oCam/v515.0x64/avfilter-ocam-6.dll

    • Size

      228KB

    • MD5

      749a0da5336a753837d6318da8dc4350

    • SHA1

      b66c727f875ee385056c3bb9a902c0d2382d5143

    • SHA256

      b5484db6bbd928c5c3b12be2a2ffd5d3914de206664fb17d9fb2b4473d36da80

    • SHA512

      adc47d5209061394b6212ef4b2e2ccbcce49cbcafbead84319dd87b68f09fbd18e8ab5b1d2ea4c0ebbf27b94321125ca132b72174a525f152d68d9c17e72c456

    • SSDEEP

      3072:blXLKPoMlpKV4vGlTJ701DxSz0YaNHxz1hy3eK39T6MgPBRW02fRK/PsHuKYR024:b0PBlEnTZTtiEO6Uje02fRK/PsOeaO

    Score
    1/10
    behavioral23behavioral24

    • Target

      برنامه پرتابل اوکم/oCam.515.0.Portable/App/oCam/v515.0x64/avformat-ocam-57.dll

    • Size

      514KB

    • MD5

      7ea9fd0413d99303c07b00c37f51de60

    • SHA1

      7e5dc4eeefee9d561225e784ff05aa69a6c71344

    • SHA256

      caf60ee50b896236311121d88e96d736419321ddf91e587e0eb3b92f61d53aee

    • SHA512

      9862f79152720b03899e4c0f6feb5187b2c16371e65e9286ee8444bc236ac278b7d737474f1a37a26b59d0373bff17fed74d3d5ffb17c2b18a2ccea295bb089a

    • SSDEEP

      12288:XnRCnai4iR8aQ1eSUE1JJJV99999KEmQz:o4jbUoJJJV9999gQz

    Score
    1/10
    behavioral25behavioral26

    • Target

      برنامه پرتابل اوکم/oCam.515.0.Portable/App/oCam/v515.0x64/avutil-ocam-55.dll

    • Size

      452KB

    • MD5

      849533240a2ff7f5262e15fd18f2faf8

    • SHA1

      2e25883e241b8e4daaca06ebce3d18c2cae11e41

    • SHA256

      4a306f212e2b20038c922cc1a1122e697f4e7cbf08f6d47721a66724def49cf0

    • SHA512

      39481a6c88012064e059f958876e708de1bc0618985049f3d98b1ec90a0845e97147fd4860388333f13f3dd58e94af76ab1796c957022b5a45ff070936df1c4f

    • SSDEEP

      6144:3jFjXnHpbHsu+O0kyr0572s2/6iJJk+wIPf5sxyRFAdtVnHB5su1EM0i6WE:3vs80k3KH7v3wIX7RzGwi6WE

    Score
    1/10
    behavioral27behavioral28

    • Target

      برنامه پرتابل اوکم/oCam.515.0.Portable/App/oCam/v515.0x64/swresample-ocam-2.dll

    • Size

      127KB

    • MD5

      26f5c805ccf70c142a3326acd87c1924

    • SHA1

      2e9b692efd5e02fdf86981f111d9f7be9af6fdbf

    • SHA256

      f9f807d65aa8838b721a139413f55d42245044d3694f5ae84bccaf24df4ca467

    • SHA512

      6744a3b12bc570396161d15a4d3f92a95f8bf95061ea9a5ec32d06b65e5bf642189f00ef26190903fb94da25789b4b5c07420566dfe5eb38b7f1ba49a872a750

    • SSDEEP

      1536:RELqLHTuuVZaGJWiYwYZCPTZY6N53ux4tEo+oDvEHTyNC5+3RWTykT4KDZZkCz3W:REkHTxVJY/ZCPCLygcCzCRqUb2Y

    Score
    1/10
    behavioral29behavioral30

    • Target

      برنامه پرتابل اوکم/oCam.515.0.Portable/App/oCam/v515.0x64/swscale-ocam-4.dll

    • Size

      522KB

    • MD5

      a47a3746a2a970379aad74323af21153

    • SHA1

      0e80de9e72c34f7bd420fbe5f2716ad766a4383e

    • SHA256

      8d11eedd48e2983c60748d91ba8bebbe8924a998c385c4c16d56f592cbeb409c

    • SHA512

      055d90b32a51d98b8ac3d209e77b063f92cb01ce8ac2463aebfd7508c1600a8303ce2766f6ddf350a26a54da5c26feac0baa0320b046d6d3fc0a3d606d0f7609

    • SSDEEP

      6144:95kUZOxa4oKxJdJN7nKrlCCYQHAp/UVyAyv9Xanw1a:9/Z34oKxJdJN7n0lCChApMI9Xanw1a

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks