Overview

overview

9

Static

static

9

HFlashPlay....1.zip

windows10-2004-x64

1

HFlashPlayer.exe

windows10-2004-x64

7

flashplayer.exe

windows10-2004-x64

1

unregister.reg

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    HFlashPlayer-windows-0.1.1.zip

  • Size

    6.4MB

  • Sample

    240127-b1vjkscadl

  • MD5

    329c7ae58c7ae013be494462a69bc7a1

  • SHA1

    7fe7caf51d94fae6e6187073151366ef19a7231c

  • SHA256

    2c341e9ae196b1bcb137a43be29251e93561f9d578b08d2863529585039e885b

  • SHA512

    24bd8262909d03ddeb8108b04a8b0bf8012be60080294e761d12fc2bb4555ba53cf0000823d828eeb56f7b9237dc1295482764b539f91fbcb5150658ced01689

  • SSDEEP

    196608:MzHDxzzcsrwzmxP1khXTELnUZD5imvX3kLy01a:MHlcsrc+65EMEmPUyOa

Score
9/10
cryptonepacker

Malware Config

Targets

    • Target

      HFlashPlayer-windows-0.1.1.zip

    • Size

      6.4MB

    • MD5

      329c7ae58c7ae013be494462a69bc7a1

    • SHA1

      7fe7caf51d94fae6e6187073151366ef19a7231c

    • SHA256

      2c341e9ae196b1bcb137a43be29251e93561f9d578b08d2863529585039e885b

    • SHA512

      24bd8262909d03ddeb8108b04a8b0bf8012be60080294e761d12fc2bb4555ba53cf0000823d828eeb56f7b9237dc1295482764b539f91fbcb5150658ced01689

    • SSDEEP

      196608:MzHDxzzcsrwzmxP1khXTELnUZD5imvX3kLy01a:MHlcsrc+65EMEmPUyOa

    Score
    1/10
    behavioral1

    • Target

      HFlashPlayer.exe

    • Size

      33KB

    • MD5

      6c52eb6343505125e91b788d603c7a39

    • SHA1

      7112987259eb367d016e911a2d0afc94c31a0fcf

    • SHA256

      05d59d0257868942f418f826695cfb3907ea0bc27df9885657526c376b8ec03f

    • SHA512

      227b1ace54100864cb0bdcf58fe7e9edcf45c1d45048729383ec3e887f729c80422da289ea05a8eaaa048e2c542088012609aaed53dd5d345a4f11432a5e0cb8

    • SSDEEP

      768:TPprSjI6nXqIpQ9ka3JK6nXqIpQ9kalJy:TxX0XqIi3E0XqIilM

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral2

    • Target

      flashplayer.exe

    • Size

      15.3MB

    • MD5

      a8a8c089a6a8583b24c85f5a4a41f5ac

    • SHA1

      798c755fab62d9fc7019bd195026195d0d339a38

    • SHA256

      b6ba115c2b43d87aaddf0060c44726e7af1a12c9501fc63de652a9517d7367db

    • SHA512

      1636318338ae3eeb2d194e62463b279f9ff86e22e119ac6bb134d8ec958a69930815b6f84b9019342b62c470020465d3288bb592676318902e6cb765029d2f2f

    • SSDEEP

      393216:e+VtcTsNLwevhv3aDtxf0mAPXXprADug+js0+oEbiNO0TNPRU70hlz:e4tcCLwevhHPXXprADuO8PRUQht

    Score
    1/10
    behavioral3

    • Target

      unregister.reg

    • Size

      65B

    • MD5

      e48ebeaabbb68d065d7ab963f2657230

    • SHA1

      a8f33c52134549925382cbe77002ef79104eed1d

    • SHA256

      704069829b47553b17ef6dace150037759f82c57deed799e57f62407ebdab9d6

    • SHA512

      63dba0fae04ec388ec9bd0decfe8b2078dff8dd39e9b56b5e4a34f2593cff22435891c5d8b420f3340e14d1aea56e78e696dc5d7042e9e5aec5471aeb1199710

    Score
    1/10
    behavioral4

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks