Analysis
- max time kernel: 137s
- max time network: 157s
- platform: windows10-2004_x64
- resource: win10v2004-20231215-en
- resource tags: arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
- submitted: 25-01-2024 16:15
Static task: static1
Behavioral task: behavioral1, Sample: drdivx2-2.0.1-b3.exe, Resource: win7-20231215-en
Behavioral task: behavioral2, Sample: drdivx2-2.0.1-b3.exe, Resource: win10v2004-20231215-en
Behavioral task: behavioral3, Sample: $PLUGINSDIR/InstallOptions.dll, Resource: win7-20231215-en
Behavioral task: behavioral4, Sample: $PLUGINSDIR/InstallOptions.dll, Resource: win10v2004-20231215-en
Behavioral task: behavioral5, Sample: $PLUGINSDIR/NSISdl.dll, Resource: win7-20231129-en
Behavioral task: behavioral6, Sample: $PLUGINSDIR/NSISdl.dll, Resource: win10v2004-20231215-en
Behavioral task: behavioral7, Sample: $PLUGINSDIR/System.dll, Resource: win7-20231215-en
Behavioral task: behavioral8, Sample: $PLUGINSDIR/System.dll, Resource: win10v2004-20231222-en
Behavioral task: behavioral9, Sample: $R0.dll, Resource: win7-20231215-en
Behavioral task: behavioral10, Sample: $R0.dll, Resource: win10v2004-20231222-en
Behavioral task: behavioral11, Sample: 安装说明.url, Resource: win7-20231215-en
General
-
Target
drdivx2-2.0.1-b3.exe
-
Size
3.8MB
-
MD5
84ff716ffec57072db7c675970036a09
-
SHA1
b321a081cd8bc69f6e218bf776ac35e772b9af6b
-
SHA256
466905e88c78ba532c3f9ca6be4fe8e44840b3ac6e46df5132950ea07e3552f7
-
SHA512
af3f5bd6b8d1269e43ed895748377908f9a5689c5f5911cba1b787890b2a5188d0594cf91c8c336d6541e4287669ed7d811024eb511e0bb12ac03972f1376633
-
SSDEEP
98304:QZVwNE0Fr2oyVkCT/WdZlAaoo0qKR583So1hZVYF0X+j8oeD+CCCdn:ZN7r2bauWdb70qKR58Cglpuj8SCCE
Malware Config
Signatures
- Loads dropped DLL (2 IoCs)
  Processes: drdivx2-2.0.1-b3.exe
  pid 4996, process drdivx2-2.0.1-b3.exe
  pid 4996, process drdivx2-2.0.1-b3.exe
- Enumerates physical storage devices (1 TTPs)
  Attempts to interact with connected storage/optical drive(s).
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
C:\Users\Admin\AppData\Local\Temp\nsy126.tmp\InstallOptions.dll
Filesize: 12KB
-
C:\Users\Admin\AppData\Local\Temp\nsy126.tmp\LangDLL.dll
Filesize: 5KB
-
C:\Users\Admin\AppData\Local\Temp\nsy126.tmp\SplashScreen.ini
Filesize: 154B