6d192fbf295a7505ae7fdb872f12465b79931c7284ab21bc493bc3a118ae844b

Sharing

Copy URL

Twitter E-mail

General

Target

OBS-Studio-30.0.2-Full-Installer-x64.exe
Size

129.7MB
Sample

240213-rzz1nsca71
MD5

069b50c9ad5271d87b4fdd7827e77651
SHA1

caf23a0206d6ee60ba34c32e0f1ed67343d218f2
SHA256

6d192fbf295a7505ae7fdb872f12465b79931c7284ab21bc493bc3a118ae844b
SHA512

644d7de414b53dc9ca6c13a60612397fa27fda47112c008401a0a4dcdcf4beaab57737764cb3ae515ce97ebbcec3382aca0306e4e15145262346aba63b443a4c
SSDEEP

3145728:MtwJRWuE1gDI1F4Ojhevw+0renDKYiCzLAs+aqT7GrEeLoyNI5Xk:vJHE11jhq0rieY5zLAs+DTwEeLBe50

Score

7^/10

Malware Config

Targets

- Target
  
  OBS-Studio-30.0.2-Full-Installer-x64.exe
- Size
  
  129.7MB
- MD5
  
  069b50c9ad5271d87b4fdd7827e77651
- SHA1
  
  caf23a0206d6ee60ba34c32e0f1ed67343d218f2
- SHA256
  
  6d192fbf295a7505ae7fdb872f12465b79931c7284ab21bc493bc3a118ae844b
- SHA512
  
  644d7de414b53dc9ca6c13a60612397fa27fda47112c008401a0a4dcdcf4beaab57737764cb3ae515ce97ebbcec3382aca0306e4e15145262346aba63b443a4c
- SSDEEP
  
  3145728:MtwJRWuE1gDI1F4Ojhevw+0renDKYiCzLAs+aqT7GrEeLoyNI5Xk:vJHE11jhq0rieY5zLAs+DTwEeLBe50
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  data/obs-plugins/frontend-tools/scripts/url-text.py
- Size
  
  2KB
- MD5
  
  982319dc7736f0a7f753cdec07051cf9
- SHA1
  
  4f86b3f856a518b0ae9ab0e70895d55074a2057c
- SHA256
  
  178aafd7c5c2188fc509805c4651ba248b2c55b26aaecb2ac445e5477bf4e2f3
- SHA512
  
  2d15b74d6c53ec5eae4f4983ea35379c1c5781d2ca7280320114a166b181742e60c9e68acf6991f30b4a0f6c9e7afbde7b7c62cd132207450c39b95e4def401f
Score

3^/10
behavioral3 behavioral4
- Target
  
  data/obs-plugins/obs-browser/error.html
- Size
  
  9KB
- MD5
  
  cd6ac47154ebc9cd4d111bb6ba35007a
- SHA1
  
  257fae5ba0c523f579ec9cd4b28544b2f7607cce
- SHA256
  
  d278c8bc59121427c59412f9396947843152ff7ec3fafd4da1cb62cf80473a47
- SHA512
  
  53e1f4136fd9db93af672f1ed068c2117b5b4dd069e49f937a437559490cd80076f50cd8cf688c7e2ac84fb034b745e33eb0e1956c20e3be05689202e231fab7
- SSDEEP
  
  192:48mrp7ioprypyI5868vKx9Fv7bRrjYn+PT7ponIc:QtdspyI58gdbRrk+yL
Score

1^/10
behavioral5 behavioral6
- Target
  
  obs-plugins/64bit/aja.dll
- Size
  
  2.1MB
- MD5
  
  5bcb4bc5a354b2b2907085bfb0a54f6a
- SHA1
  
  2e7e916a92945170200727be29a5a33a5d81a768
- SHA256
  
  3029b73c33b10ebbaaf4f22ec77454e066a452962dd48c586bce6ab323b77d20
- SHA512
  
  637e331448cd7535792b049251a55bf191ab05cf3fb0ebe02ba992ec788fd93b195407ae35ac0a12f1690b9ec42ec5390b7275a83133d8d7773e0ed703d071db
- SSDEEP
  
  49152:B0B+RDbHnUv5LcZZ6xm2F81Ggu6aaGzKgI2GBR:BhFZyFxgu6aaGzKgIBR
Score

1^/10
behavioral7 behavioral8
- Target
  
  obs-plugins/64bit/chrome_elf.dll
- Size
  
  1.2MB
- MD5
  
  65cb875d0a8d1c33e53866a67e11c459
- SHA1
  
  1e34f28084bac0eb7a6dc7c03aa158b9d5cf0067
- SHA256
  
  865ab9a301531372d4fb3de8fbae92a11745e71ab47ebf9e3dbb68788dc9de67
- SHA512
  
  4cf0b8f43f47aea1e2d8c4571ad3298c9b0989ee7cb52181053a306b6ff299bd64c462c24b05f10b94c2a373f12725dfea25096cfdb56db8960d3bdeb26b46c3
- SSDEEP
  
  12288:zLRUCPAsgA2nOIcnJJgndLpPoeEt1yle0atiH7WPdlLPpodwpYyBfer5+nToCktd:zN5P8JcJJUdLho9LPWODZSgN
Score

1^/10
behavioral10 behavioral9
- Target
  
  obs-plugins/64bit/coreaudio-encoder.dll
- Size
  
  57KB
- MD5
  
  eea26f9095cb002f8706fe517884e9f7
- SHA1
  
  1ade435c09b876699d6b0532b0c97d93bf948835
- SHA256
  
  37aed1610acfec160578ad240f6932790d355d870d1744360029fda4983cdacc
- SHA512
  
  52c5ac646ea90acc763447a549c4c5f6aa8d32a8db30fb7e1fdc57fe0274fc115ea9595647f3e79a169ac4d2571fbe6bca3c123e9dbadb3a436784748d9b5101
- SSDEEP
  
  768:8pSfjfT5jqYEkA2Arsda8mRjLnTGhkNQVRqHcgEpYinAMx1ntG:dvhqD9GajjLnQkNQjqHcp7Hx1n
Score

1^/10
behavioral11 behavioral12
- Target
  
  obs-plugins/64bit/decklink-captions.dll
- Size
  
  55KB
- MD5
  
  aa2473fbcfbce050739e72b8c2f810a9
- SHA1
  
  ebc4cb211771d0cf992e94eefdef1265ceccdc92
- SHA256
  
  2adf685222ed286d9625a248f157cf450a2923e871c50b8a9830614568156c68
- SHA512
  
  40b7dbbed88463b49d2859c8d115a9a008f61074cd1a6612e204c04d50c85505dd7df7ad9335bd5dfecca40bfb142fa90f52d7a693ae66183266e80ace8fdc14
- SSDEEP
  
  1536:mzT4w9iKAbBiPitbEBa/gNlYf8+8zawoKnaZacW7Hx1n:mf4wgbsitbEBa/gNlYf8+8zaaaZ8
Score

1^/10
behavioral13 behavioral14
- Target
  
  obs-plugins/64bit/decklink-output-ui.dll
- Size
  
  209KB
- MD5
  
  66834fbdcba645227a496a7096b461da
- SHA1
  
  f17371030e9b3742d6d81e60753c4a574c942c7f
- SHA256
  
  f9fde0acbc30b3404342c82784c80e854f6003c250fb6aa02f95b00a9175a8e3
- SHA512
  
  2e53109039c4b0c681822315ef8d9687e0407d715b73fd86b41e68ec801f0f78acf95b1df8e03fd47443ca3728eca9e88b4b82c02cd73371341c69eebb6e343f
- SSDEEP
  
  6144:CaxpLSuKu+Nim/INl9+8za6zkSSj2NXbtTqABpm8CjcqQBUhLtffe6E:COpB
Score

1^/10
behavioral15 behavioral16
- Target
  
  obs-plugins/64bit/decklink.dll
- Size
  
  79KB
- MD5
  
  3959d738622fd54857b7d731c396c0c0
- SHA1
  
  95d35ba0153b06a1b76424d5744727ff2ea68a2f
- SHA256
  
  c8cd7758a96a8aaa1e6c76652e1f453f61c4f80f9acdb097972f786b4d990b5a
- SHA512
  
  fe5a375466f7a6458a8b27de9d71228bfdad2038406826af79bea0220e30ac1817a94a4b0783e67a97c34cf354a05ee00f372b49d8104a597123b69053abde9a
- SSDEEP
  
  1536:yW2SAymRM/kbqxYRlgTyYo2ntvlUYcX7Hx1n:yUa6/kbqWRlgWYttvlUj
Score

1^/10
behavioral17 behavioral18
- Target
  
  obs-plugins/64bit/frontend-tools.dll
- Size
  
  367KB
- MD5
  
  35c8eddf6b700d75231663fef1a12a44
- SHA1
  
  70c5d47ff4bc607b68f8b5330866902489c4e255
- SHA256
  
  b890a761b448379cbc2442a1fc93e15532a93394de483884e2e330fa0fd43043
- SHA512
  
  a9c54b0608455a8572972d8badbaf043258e1670bf856b5cd37434748e5bf8c3a99d4e1f9c1a9c03b8651c8b2ad7c29d6063df0c227ee82f1646e65df647576a
- SSDEEP
  
  6144:ttMlxcOaljsHNp2iLHPRjvOqzIVaGNuhunjFuLpK4GiitbfBpme/2CjNlEZU+1St:k0IH/XHPRrOwut4odR
Score

1^/10
behavioral19 behavioral20
- Target
  
  obs-plugins/64bit/image-source.dll
- Size
  
  44KB
- MD5
  
  09244e3ddfbd435520ee12b2390f684b
- SHA1
  
  821d570456ee2930b62a67407a44a1e5f6cc90bd
- SHA256
  
  12d740c242b84f49eafb5e3d60e57120688291d685d8e425ba22de88a93449ee
- SHA512
  
  a3eaf5a7f32cab575558c40e7efa4684052d1086648edd38fce4d26372530067f7aa8c2a4f5f135f1a997c514d8776302776cb934654bd25974aa09904ab34e1
- SSDEEP
  
  768:P2ugk3jF93TsTcpWJXraNZFIbWBcjEpYinAMx1n:P+k3jwgw1WTFIaBcc7Hx1n
Score

1^/10
behavioral21 behavioral22
- Target
  
  obs-plugins/64bit/libEGL.dll
- Size
  
  445KB
- MD5
  
  6f9595d0cce4ec2d5ab3d68067aae903
- SHA1
  
  0bda9200f08f0c680559f95e4ea31691267e8a47
- SHA256
  
  8a2760adb7007d712e676c86a9108c25b565b1b39c98a0a1149d91f2156940db
- SHA512
  
  f835945388cc33967721c8324b60e10b7d7a91aeb55fdecea14da32e725aaaab8dcd396972072c47feeab2ba9f51f1e5f978bff986c3f886c7bf359ae54abede
- SSDEEP
  
  12288:lDpNGMQY/PZgbuJVtvofqfO4Ui65ED71:jN1PZkqfhj7
Score

1^/10
behavioral23 behavioral24
- Target
  
  obs-plugins/64bit/libGLESv2.dll
- Size
  
  6.2MB
- MD5
  
  30bb883e79514875d7a6d1134612347a
- SHA1
  
  f7b0555affaa47e0a86732561595913f8cbf2ca2
- SHA256
  
  d09f4379828a0487a6af24dad7cc8ec68b03bdf5a094067f609db5adc8efa44c
- SHA512
  
  a7d45c219e89672a33d6fd629c8f6003e419dfae6ce9fb86c1fe11ce244724ff65df6b7ddc8360b0e47c2f14ec167261933f3c4908ffe43cdbce4d62977101b9
- SSDEEP
  
  49152:ZIr6m257PMPb04nJGowmHlQQCIkHKxf1xvOGdlJUqkAY6rwT9a5czej/B4RrbhW:V+sDq2+lEsKizqcGss8+1K
Score

1^/10
behavioral25 behavioral26
- Target
  
  obs-plugins/64bit/libcef.dll
- Size
  
  167.5MB
- MD5
  
  a30ed1f0792bbd39a67ff2eb4c55dec5
- SHA1
  
  2876d28b43ca136cd08457d5f626019cbc83bb33
- SHA256
  
  3b35f0894553fd92b7947d1418afd3d80c64985308f85a0d09a0da5381735043
- SHA512
  
  631a2fbd43d5ae11d3ad03df9250797d85500f7a2eab272f445ed8e081ae7c2b0ffcf0f488571cb31adec1d30eec9b80786ddd2118f106edcbec112d3bcaece3
- SSDEEP
  
  1572864:MhSYs3+Wu6TkANtsLVyZ7H18pIleTP3Gvz1bIE0Ei5rcCtz4pmXHo8CgLjkBfMyb:MhWuqOvgMo
Score

1^/10
behavioral27 behavioral28
- Target
  
  obs-plugins/64bit/obs-browser-page.exe
- Size
  
  562KB
- MD5
  
  9485165c3fedea7a905260242448b886
- SHA1
  
  3c1b4ca23768093ab72bd089ea85b9a1370c6728
- SHA256
  
  3fff99b85db4362cc12be3dce9137d275419cf825bafae72975043a71eaaf677
- SHA512
  
  719a91ea62520af4a91c831bef7a16ff759e080269b1acf9396638f1d76fc4c6f51cd2ecf305561731a3c446cbc7873eca1c682cf09fdfd789d0337491c7cf92
- SSDEEP
  
  12288:7fB7e9BBKS2fTdH0BvWxip9Puo4DxGlB90AtWAtkTHUebzopZ0R3lIwW+:7J7e9BBKS2fTdH0BvWxip9PuhDxGr90V
Score

1^/10
behavioral29 behavioral30
- Target
  
  obs-plugins/64bit/obs-browser.dll
- Size
  
  782KB
- MD5
  
  7d738e398f99ad179d1e630d300b1375
- SHA1
  
  ede00b318b8904e7471f81ab2411f4a3e5af5f42
- SHA256
  
  287a0360738630d937290bbf9d4b2daf2114fcd6f751c9634d9ff7b1803df47e
- SHA512
  
  3f80bc1530d03d07b1a10cadbe27be4005080fbc479cd1c21241743c8ff8e18221f42b83f3ab35ab3e656c187f90aa4d9031bdc37b6b9198f9672fdbbc3b7ceb
- SSDEEP
  
  24576:tzNr8gXprawDCdQMgHHETyd/RpQ+2FglQ5SWaZ0/7f:tz+dFglQ580
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32