5c8c5985ccadf49c31db958ab37bf9364bd9275501dd186c60eb62a5fee4b34b

Sharing

Copy URL

Twitter E-mail

General

Target

58342456b7c97c3e03988c90778b610b
Size

2.4MB
Sample

240113-g5stfaebc6
MD5

58342456b7c97c3e03988c90778b610b
SHA1

3e42df1c0f64216f06523f57f23c9161ccd8bca9
SHA256

5c8c5985ccadf49c31db958ab37bf9364bd9275501dd186c60eb62a5fee4b34b
SHA512

56b9119db45a1089edc123a565d46747d37076d5ce39b6e24b70ad553262e5fab73042d1d970bb6e223d9fe767992227e9c55b2e2dd61e3ebb33f158df9a81b6
SSDEEP

49152:1jwyHA1zjZYiVorzEWe03hFDcgPhTmL7Di+5nsML5eUtUxr7TRCSd4:xw84z9YiGzhe03zcgZeC+5LtUTj4

Score

7^/10

persistence upx

Malware Config

Targets

- Target
  
  58342456b7c97c3e03988c90778b610b
- Size
  
  2.4MB
- MD5
  
  58342456b7c97c3e03988c90778b610b
- SHA1
  
  3e42df1c0f64216f06523f57f23c9161ccd8bca9
- SHA256
  
  5c8c5985ccadf49c31db958ab37bf9364bd9275501dd186c60eb62a5fee4b34b
- SHA512
  
  56b9119db45a1089edc123a565d46747d37076d5ce39b6e24b70ad553262e5fab73042d1d970bb6e223d9fe767992227e9c55b2e2dd61e3ebb33f158df9a81b6
- SSDEEP
  
  49152:1jwyHA1zjZYiVorzEWe03hFDcgPhTmL7Di+5nsML5eUtUxr7TRCSd4:xw84z9YiGzhe03zcgZeC+5LtUTj4
Score

3^/10
behavioral1 behavioral2
- Target
  
  $APPDATA/CCTV/tv/CCTVPlayer.ocx
- Size
  
  366KB
- MD5
  
  b737c23b2bdbd9bff0c841704d33e7f7
- SHA1
  
  9217e98aff05158ca3db595e7f0d806d6dbd723d
- SHA256
  
  bc9d2fc296e10ace28824532c429f9b2242efb39e04bbc3da42cc4962ee72bf7
- SHA512
  
  a02310ba74b94009e59e886e099ab7295829a47b152a80db6ab11f12f3dd72836b07056ad6112ab415e96fd7b00856dba7a15146e03d8bae53a3bdc508e49bee
- SSDEEP
  
  6144:9Jq9M2zf8BzbE5iwa9NceApLVM/0mxgHcaWuS+8eZTmjEhoqXCM39MahMI6lr:9B2zUNE53a9NdAp+6HFWuDOoho61h8r
Score

7^/10

persistence upx
- Registers COM server for autorun
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  $APPDATA/CCTV/tv/Reli_CCTV.dll
- Size
  
  2.4MB
- MD5
  
  a6af7f7bedbb27f2cbc6ab9144d617d3
- SHA1
  
  bb1d81552707e38d5d7cb43995f33eb5c6bdc928
- SHA256
  
  088e9c2fe73120d9bcc31d3c5a66b2e2cf7bba641e9b2ad8307bd54d221fcf3d
- SHA512
  
  f74b1a43c52e4d7e109e3b4ea90f549186c7b6ce7b09706157854e0b4a6ca277c02e47b753f9609046b48991a1c5036ae6ee505735eb7005b74ff230c00cc584
- SSDEEP
  
  49152:kofQYoJ5yjiQigAOl2vLvV5TQGIPfTv3Bwa:JfQYG5yjiQ1A7bIHL3j
Score

1^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  0dc0cc7a6d9db685bf05a7e5f3ea4781
- SHA1
  
  5d8b6268eeec9d8d904bc9d988a4b588b392213f
- SHA256
  
  8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c
- SHA512
  
  814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0
- SSDEEP
  
  192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  00a0194c20ee912257df53bfe258ee4a
- SHA1
  
  d7b4e319bc5119024690dc8230b9cc919b1b86b2
- SHA256
  
  dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3
- SHA512
  
  3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  ab73c0c2a23f913eabdc4cb24b75cbad
- SHA1
  
  6569d2863d54c88dcf57c843fc310f6d9571a41e
- SHA256
  
  3d0060c5c9400a487dbefe4ac132dd96b07d3a4ba3badab46a7410a667c93457
- SHA512
  
  99d287b5152944f64edc7ce8f3ebcd294699e54a5b42ac7a88e27dff8a68278a5429f4d299802ee7ddbe290f1e3b6a372a5f3bb4ecb1a3c32e384bca3ccdb2b8
- SSDEEP
  
  96:EBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4MndY7ndS27gA:E6n+0SAfRE+/8ZYxldqn420
Score

3^/10
behavioral11 behavioral12
- Target
  
  Communicate.dll
- Size
  
  44KB
- MD5
  
  102b9fe06b7a8cad9af32737308cf707
- SHA1
  
  eb0743e1a849f5331ecf1ac8dc68c440f220fb0c
- SHA256
  
  d8c3c617831db57e6f8ab272dd9b2b9f7ea8002229c4df1a9db5d921e8c61876
- SHA512
  
  77c9cb2a93f8c8de06ea29ab28f8969cd2bafae0ff2aa594b6f60aaab30ff3b98fa87152ef9fa3f8a69426a9f4734ddcd82635cd49118f9781ef7bfde918bc8f
- SSDEEP
  
  768:UJd5AiLoDQ/4+TnGvippFxqWLCxfFHoUpw:UJd5AiP4+Tngip34thov
Score

1^/10
behavioral13 behavioral14
- Target
  
  MSINET.OCX
- Size
  
  129KB
- MD5
  
  90a39346e9b67f132ef133725c487ff6
- SHA1
  
  9cd22933f628465c863bed7895d99395acaa5d2a
- SHA256
  
  e55627932120be87c7950383a75a5712b0ff2c00b8d18169195ad35bc2502fc2
- SHA512
  
  0337817b9194a10b946d7381a84a2aeefd21445986afef1b9ae5a52921e598cdb0d1a576bdf8391f1ebf8be74950883a6f50ad1f61ff08678782c6b05a18adbf
- SSDEEP
  
  3072:R5JTZQu4epojdkYv55RCezn/T81B+ySRdL:RLTbP85RCezbwm
Score

1^/10
behavioral15 behavioral16
- Target
  
  PSPMencoder.exe
- Size
  
  2.5MB
- MD5
  
  8464394f47d1b2b00944b6bd75ba5226
- SHA1
  
  b3b02c06403a64f9d360225f7923f1e19c00a539
- SHA256
  
  31405f0862472d9877ee66fc592c5d50e0ec5e44725831932593088202cca642
- SHA512
  
  f413ed1a2f966e9364138b30f23320e9d531d7926013352d70c7896bb4b8fe926b76ec7546fcf1a50e5068624012312b275d5067f3f44c82b8a406c17c029cfe
- SSDEEP
  
  49152:SQQ99NtzK6mlE+t7U20LlzFAhVf+5XWV6lFO9RC4LcWoRCdUPjRUir:aD+dU20LlzFAhVW5XWQLO9RoRCdUPjRJ
Score

7^/10

persistence upx
- Registers COM server for autorun
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral17 behavioral18
- Target
  
  QvodPlayer.exe
- Size
  
  517KB
- MD5
  
  61f0f1b061cf7f38d65cec0685209a86
- SHA1
  
  fae21a9cebfe462039397bc45b86ac433621ac9d
- SHA256
  
  67d3b5290f92d8d439dd1a2d7ebf2802442057cfd6751596f13504168e7d6632
- SHA512
  
  89fd1018601eb18766ee58f39d1345e0499820fb47e1d6d85f7f4b6fd1274602274f2510802a66f656868ca6fe3b1c14dca8770ccc0b9957d4d020162d0e1baa
- SSDEEP
  
  12288:an3D3NflPgSEi4BhLmNIaLvtcJgRrMbfJ01Gv2LFTqK1Pv:an3DJlPNEJLmNIaLvtcJgRqmm2LNqSH
Score

1^/10
behavioral19 behavioral20
- Target
  
  VnetClinfo.ocx
- Size
  
  72KB
- MD5
  
  8ceaff35219a2b7f594f2d916da06c4b
- SHA1
  
  4a58a6888a9b4782c7cf5b8ce5f206ac610a87cb
- SHA256
  
  43744057b4330e556921fae82325b582dfb271f8cb64bc2399cfb32a52e01767
- SHA512
  
  a76748d0db206fe357ee0078f8cddc84a42433657f0ce039592ef0b8c0d7fcbf09427f2a74c844c79ac4902d1ed4fe2387e6aae26a5a6e23bdf485bd61a69594
- SSDEEP
  
  768:Xy3wc77UtCcjS+8mcKgqCm36PcQ9rhRv19ClA1dJ9mQzAjsQ01jUGDQM:Xxc77a/8mcZH0o9RjClWnAkaGEM
Score

1^/10
behavioral21 behavioral22
- Target
  
  comdlg32.ocx
- Size
  
  137KB
- MD5
  
  b73809a916e6d7c1ae56f182a2e8f7e2
- SHA1
  
  34e4213d8bf0e150d3f50ae0bd3f5b328e1105f5
- SHA256
  
  64c6ee999562961d11af130254ad3ffd24bb725d3c18e7877f9fd362f4936195
- SHA512
  
  26c28cb6c7e1b47425403ab8850a765ac420dd6474327ce8469376219c830ab46218383d15a73c9ea3a23fc6b5f392ee6e2a1632a1bf644b1bd1a05a4729e333
- SSDEEP
  
  3072:3ESIiWD8uq4hCqUt6mqD1gRshBgH/voqJrwo2CocrJbQN6N2TRqEydzdHv2:3ETz566VgRyOJ0oDxQRHH
Score

1^/10
behavioral23 behavioral24
- Target
  
  images/list.js
- Size
  
  1KB
- MD5
  
  b42c03dff56abab0cdc7eb335c786a17
- SHA1
  
  60e30913481c9b5fe7af00f94f947dd062e8476f
- SHA256
  
  84c2634231ca00a1304766acd7e67bb221357ecf5a7ddde0cbb2ad8588586140
- SHA512
  
  e95a4e6db2973399e47dc7dbf6a48054fe0afdab68abb19b2fc7e265232c2e6332a6166caf711e005d18443fcb2f3738518eeee99ee27693bac461482b5d2bca
Score

1^/10
behavioral25 behavioral26
- Target
  
  mod/CCTVPlayer.ocx
- Size
  
  366KB
- MD5
  
  b737c23b2bdbd9bff0c841704d33e7f7
- SHA1
  
  9217e98aff05158ca3db595e7f0d806d6dbd723d
- SHA256
  
  bc9d2fc296e10ace28824532c429f9b2242efb39e04bbc3da42cc4962ee72bf7
- SHA512
  
  a02310ba74b94009e59e886e099ab7295829a47b152a80db6ab11f12f3dd72836b07056ad6112ab415e96fd7b00856dba7a15146e03d8bae53a3bdc508e49bee
- SSDEEP
  
  6144:9Jq9M2zf8BzbE5iwa9NceApLVM/0mxgHcaWuS+8eZTmjEhoqXCM39MahMI6lr:9B2zUNE53a9NdAp+6HFWuDOoho61h8r
Score

7^/10

persistence upx
- Registers COM server for autorun
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral27 behavioral28
- Target
  
  mod/CCTVUpdateInstall.dll
- Size
  
  41KB
- MD5
  
  d1711f10bf2c83ede41f7b500a9313ae
- SHA1
  
  9f53ef6e489c562da687bdfe69e1b061bf6b2c39
- SHA256
  
  36dfa3939c13a5fddbf9d1d6b46500a1ff8d28b6c1459675865167f2b05b077f
- SHA512
  
  fd7c31dfbb3a362b3c22d325520cd788ad236f9c7a91d011879f7b425958c6ae5eba07215b06a9be95d5f20fb96f765ee460f227328c5d09092b403acbbdd4a5
- SSDEEP
  
  768:8jqStPeiQNKexn8TDQezDuCiAggPwFJeiIJi95wwhC0kosyLWFbCXp:YqcPVjPQrzAf8Yi9ugzkosyaNCXp
Score

7^/10

persistence upx
- Registers COM server for autorun
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral29 behavioral30
- Target
  
  mod/Reli_CCTV.dll
- Size
  
  2.4MB
- MD5
  
  a6af7f7bedbb27f2cbc6ab9144d617d3
- SHA1
  
  bb1d81552707e38d5d7cb43995f33eb5c6bdc928
- SHA256
  
  088e9c2fe73120d9bcc31d3c5a66b2e2cf7bba641e9b2ad8307bd54d221fcf3d
- SHA512
  
  f74b1a43c52e4d7e109e3b4ea90f549186c7b6ce7b09706157854e0b4a6ca277c02e47b753f9609046b48991a1c5036ae6ee505735eb7005b74ff230c00cc584
- SSDEEP
  
  49152:kofQYoJ5yjiQigAOl2vLvV5TQGIPfTv3Bwa:JfQYG5yjiQ1A7bIHL3j
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Registers COM server for autorun

UPX packed file

Registers COM server for autorun

UPX packed file

Enumerates connected drives

Registers COM server for autorun

UPX packed file

Registers COM server for autorun

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32