435506cbe66bebdfdf9a2a94b1e8f483fdf108ab308129a6eb8dfd56a8bc77bc

Sharing

Copy URL

Twitter E-mail

General

Target

windows.10.codec.pack.v2.2.0.setup.exe
Size

45.5MB
Sample

240220-jxhplsec28
MD5

908ea32c938f24669728a7c026a6552b
SHA1

2695b6cd468636b09c1495a86a69ce4f56203a0c
SHA256

435506cbe66bebdfdf9a2a94b1e8f483fdf108ab308129a6eb8dfd56a8bc77bc
SHA512

342281df3e8823dbca8231335c17d76fbc4d0ba35a97c2d777d11c9ca33b86e689ef54c86aebbbec50a6f499b7232c4d56406f0471cce666a74203bfe95e710e
SSDEEP

786432:Zbe52lsoZacQr5el64WTdDUCpGnSlyXMs8AdIqCmF3kdPEcOKbBhscBpw4yTie6d:ZbpHZac09DtpI7XMvmIqoPppw4yees

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  windows.10.codec.pack.v2.2.0.setup.exe
- Size
  
  45.5MB
- MD5
  
  908ea32c938f24669728a7c026a6552b
- SHA1
  
  2695b6cd468636b09c1495a86a69ce4f56203a0c
- SHA256
  
  435506cbe66bebdfdf9a2a94b1e8f483fdf108ab308129a6eb8dfd56a8bc77bc
- SHA512
  
  342281df3e8823dbca8231335c17d76fbc4d0ba35a97c2d777d11c9ca33b86e689ef54c86aebbbec50a6f499b7232c4d56406f0471cce666a74203bfe95e710e
- SSDEEP
  
  786432:Zbe52lsoZacQr5el64WTdDUCpGnSlyXMs8AdIqCmF3kdPEcOKbBhscBpw4yTie6d:ZbpHZac09DtpI7XMvmIqoPppw4yees
Score

6^/10

discovery
- Checks for any installed AV software in registry
- Downloads MZ/PE file
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/HwInfo.dll
- Size
  
  68KB
- MD5
  
  44e5c77cae3ae434d1e4e619bdb1c39b
- SHA1
  
  9988f020eac45207d148668227b6819a38bdafa0
- SHA256
  
  326c406116026019a41c94b2e6b4c1061154f3bc9a395638063dae349f8a7579
- SHA512
  
  c3e40499d1296bebd2b1a770d9cd1f025859963a0f6dff002eb336f069f057ac4b3d2f5819232af6d2802ba1a3770f62440136030eb37355fa6f5b6ee0bc0470
- SSDEEP
  
  1536:6hS3Hyjn0HlDPnqIGbTZpJFSWLWT+3QDIlqZG:6hSXyjAqZTlDQUlWG
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  2a03c4a7ac5ee5e0e0a683949f70971b
- SHA1
  
  3bd9877caaea4804c0400420494ad1143179dcec
- SHA256
  
  d4f0042d8e7622b7e14395e926dd02edab3cdc77e82d88108b67a4d2cee9229b
- SHA512
  
  1942cdb522859f8dba46824786e361794a62e6201279201e1e0e2e07499fb6252933c5661782fccd77291c3650cafb2a7a08eee5431c8238f0da44840ee4c476
- SSDEEP
  
  192:y4n3T5aK+dHCMR1aQR9RuZl3WWmU7WYZsw1JpVGnrjdK72dwF7dBOne:Tn3T5KdHCMRD/R1cOnrjd+BO
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  4KB
- MD5
  
  99f345cf51b6c3c317d20a81acb11012
- SHA1
  
  b3d0355f527c536ea14a8ff51741c8739d66f727
- SHA256
  
  c2689ba1f66066afce85ca6457ecd36370be0fe351c58422e45efd0948655c93
- SHA512
  
  937aa75be84a74f2be3b54dc80fac02c17dad1915d924ef82ab354d2a49bc773ee6d801203c52686113783a7c7ea0e8ed8e673ba696d6d3212f7006e291ed2ef
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  6f5257c0b8c0ef4d440f4f4fce85fb1b
- SHA1
  
  b6ac111dfb0d1fc75ad09c56bde7830232395785
- SHA256
  
  b7ccb923387cc346731471b20fc3df1ead13ec8c2e3147353c71bb0bd59bc8b1
- SHA512
  
  a3cc27f1efb52fb8ecda54a7c36ada39cefeabb7b16f2112303ea463b0e1a4d745198d413eebb3551e012c84a20dcdf4359e511e51bc3f1a60b13f1e3bad1aa8
- SSDEEP
  
  96:zPDYcJ+nx4vVp76JX7zBlkCg21Fxz4THxtrqw1at0JgwLEjo+OB3yUVCdl/wNj+y:zPtkuWJX7zB3kGwfy0nyUVsxCjOM61u
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  8ef0e4eb7c89cdd2b552de746f5e2a53
- SHA1
  
  820f681e7cec409a02b194a487d1c8af1038acf0
- SHA256
  
  41293b9f6588e0fbdc8fcf2a9bd8e2b244cd5ff038fc13033378da337219c9dc
- SHA512
  
  a68533e8a19637d0d44219549b24baba0dc4824424842f125600fda3edcafc4bb6bb340d57a00815f262d82373b440d58d6e4e5b2ceb29bb3f6bc4cbde66c3c5
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/audio.ini
- Size
  
  1KB
- MD5
  
  33c31c8fe96936ef314b9ce3f0b0857d
- SHA1
  
  9f5858e355a4789902943c0864efe5d7d1462c78
- SHA256
  
  8ab555f770ba17b6eb8849a4734b1c40b743fbe3f1bef78cb3183700d77da7eb
- SHA512
  
  c04d7ec29e8f977956b9c0d79929d76fb156b33f025139116687d66f2db749721ad78ac08656efc6ddec82583b9e143a3edf17e7c56e642411069c8c04e69db8
Score

1^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/cpudesc.dll
- Size
  
  4KB
- MD5
  
  d25102051b33f61c9f7fb564a4556219
- SHA1
  
  c683964c11d5175171bd009cb08f87592c923f85
- SHA256
  
  e58e5d1d8da2ea526d0d754b4faad3773021166b0720723efb7b30f1f5075398
- SHA512
  
  8828eec31926251d7e51b5bf1050c3519c9b7fca4f978fb6ee0bf18f9642c3460687f10ff79e5892100ecadbf49725711567c348e1dfccb3644bd9ef992a92f0
Score

3^/10
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  d9256d9acaecabb20b7e9a1595abfa36
- SHA1
  
  ece1cab181dac7729246da1d4494b8daa10c3b70
- SHA256
  
  d7b2c55977a541f8d075e48d4e0a82eec79ad247b0ed168c19a8518131acd19c
- SHA512
  
  5827cdbfde0e766d1b74ecb22f9614232031da41c21d0f6ff6c9d5dcdfc0adc23e8fd616eb020ab42208932444b5e0cb1e6d6e698bead412eae19624a180b6ff
- SSDEEP
  
  96:oHqZ4zC5RH3cXX1LlYlRowycxM2DjDf3GEst+Nt+jvDYx4DPqndYHnxss:oHq+CP3uKrpyREs06YxuidGn
Score

3^/10
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  c129bc26a26be6f5816a03520bb37833
- SHA1
  
  18100042155f948301701744b131c516bf26ddb8
- SHA256
  
  d3694fa0503158194129d113fcc1c83177ff5a5f93d898ce0bcfe9ce12f06bf4
- SHA512
  
  dbe79859c41e00a6e951cee889e7f0de29a712792fb531662285a2d6e384884518c7d5d983894c185b3d31d81213d2477cf4576b0114d352b759fe07a1704e63
- SSDEEP
  
  96:y7GUaYNwCLuGFctpiKFlYJ8hH4RVHpwdEeY3kRlDr6dMqqyVgN738:8ygp3FcHi0xhYMR8dMqJVgN
Score

3^/10
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/video.ini
- Size
  
  1KB
- MD5
  
  37b558ddc90e71054b38d94bcc16d6db
- SHA1
  
  efb8adcc0927cdd389c9ac019c78d30dc13b2550
- SHA256
  
  be34a2e3128892d1ac56ab331cbb51432174a796354862ab13e891d092596e8f
- SHA512
  
  f92f0c950eeea8b4734ac354dfab26423f309d8f7ae507c0e7c5af5a8a3782860842034c6636c93ca86d73d11d50c6bc5e1548e6135b79b48ebf4849cacc9b5c
Score

1^/10
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/video_hardware.ini
- Size
  
  793B
- MD5
  
  ae55f0409dcc7bdef48b9cd80983aa4b
- SHA1
  
  172a37dd63b933c90e45f3c9c1ad0acefa3f1488
- SHA256
  
  7d6e58bf4af4fc34a125d186331d2b971291ed5178963ec8b24eae1b0d46b7e3
- SHA512
  
  0a48570bf5d74fdd1113d39186a8427f103b851ebd94e1358e59b5738791f42c611abd642f4c99e4acc5af71809df31188153d682001422a4c505ebe5f448991
Score

1^/10
behavioral23 behavioral24
- Target
  
  $SYSDIR/Codecs/$0
- Size
  
  30KB
- MD5
  
  1bc3c1608ac94cf3fb4575dc96610fe0
- SHA1
  
  02a953629b0e272d8a9bbf5dacbb03402853bc8a
- SHA256
  
  64f426601f824c9ec361755cb157d5f80499b8bbf4a29455bfca1fb65f2aae5c
- SHA512
  
  63881bcdf359f22de1a7582d943ec241ab2fe32fd68e202befd940c4e2ee86092797bc2de4514685d122235465fcc992cb0b5c1b9899869f9ca5840bcd8bec05
- SSDEEP
  
  384:VAxUaGAn0AYDK/Eaium7FJt/O28ELjgIaK+v14RgQa2OIA9qtKYe8jLgDu7mTqZ/:VaQFDKAz5/uEYKBqUcYeILdKOcuG
Score

1^/10
behavioral25 behavioral26
- Target
  
  $SYSDIR/Codecs/CleanUp.exe.new
- Size
  
  80KB
- MD5
  
  ad4ddfbcb3f9f8dec23582b6d24f2902
- SHA1
  
  84c3374b67ca3e65d4590f6fd655cb9eff86de0f
- SHA256
  
  65f440971f79ff77256bdfa22788547cdaf927340cc598491a6ed1c1e7f5f050
- SHA512
  
  e1c7b3e481f9abc41ce4326afe00c27681714b0bdce0db55272f48d28b7de1cdf6cc0e8946fffa30a66a1d50320150f2d3721bc106bc917393986075595f45c2
- SSDEEP
  
  1536:q8c2IoTp9pvPoZmE8d/XJLuCpBrjwp2ywMsf4tJna9iHbioQ+CQ0HqYAQ+8iAy:pc29Tp9pltdXJJpVKq2f7cHKYPDy
Score

3^/10
behavioral27 behavioral28
- Target
  
  $SYSDIR/Codecs/CleanUp_x64.exe.new
- Size
  
  59KB
- MD5
  
  8fccce59080b31b379a9455fcb6a2d5c
- SHA1
  
  82c237910edd7df6c76b1d84bee9c667aa03356d
- SHA256
  
  e335b2aaf74356eeed90bd4117fb961115ad8ef94f03b9f0340cd46c12ced1c5
- SHA512
  
  27cb0ad805847f004ac6aee38e282cd640da4c82366a8818d18a8f1cc74ce901a684637463861095236fbff0febadd7d0017781dd09646ad4eafad9c07ca0707
- SSDEEP
  
  1536:08c2IoTp9pvPoZmE8d/XJLuCpC8KbCOD31HbioQ+UMH6Q+8iAKA:rc29Tp9pltdXJJp4bzr17+MJDKA
Score

4^/10
behavioral29 behavioral30
- Target
  
  $SYSDIR/Codecs/D3DCompiler_47.dll
- Size
  
  3.4MB
- MD5
  
  960ae99a15b1c8c9fbddde97606478f9
- SHA1
  
  0c856ba7367e719466adb73227c39dffeaddde27
- SHA256
  
  e3009e3738fab1f7cd685567c5aa1eb0a408ac51d0cda5da788841174d7625b1
- SHA512
  
  437e6e893a43529e181bd98ff7f16996a79012da02f15e1ded8ef4818383e98af6f5a8afccae351dd0f1c0a2e4f7a8a1f2ba43e2c5a9b29f9f6f5f58ab35ef87
- SSDEEP
  
  49152:1uVAMaMEjIHf+x7B/nb9ki5tFMvumXhQl3kPsXluxXb:oA42x75nuktGc3kPsXluxr
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Query Registry

T1012

Software Discovery

T1518

Security Software Discovery

T1518.001

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks for any installed AV software in registry

Downloads MZ/PE file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32