General

  • Target

    video-converter-ultimate7.exe.7z

  • Size

    36.0MB

  • Sample

    240222-tw8vhscg63

  • MD5

    322c363f807757101ceb7a6cfde5d826

  • SHA1

    86bec45c3bf64d499c86fbf9c4b7d47e45e73a02

  • SHA256

    760636d03087b077d025ac5e26883455df6684ff711160394350e56c0c1cfcdf

  • SHA512

    43318db1f137fe231e5b248cca1df0331f909801c353085cf0afb848910b0c8cb30bc28ba597be32d57cbe0018bf590edb8abd0223b5003935b1abfe87475046

  • SSDEEP

    786432:adiV+0OJs0wgjYTLN9g1Gp3GtvW5Koj+77mudaINwiPNokAWXNf:adi6Jswjg/pmpr/oiNf

Malware Config

Targets

    • Target

      video-converter-ultimate7.exe

    • Size

      37.5MB

    • MD5

      0f418793119c83329c6a03e418228176

    • SHA1

      c746a79a64df10f8be5346411f2d658af6c63ba5

    • SHA256

      dd3c7d03fac30b8cf168c39ee0609a3546ddd108dafd00df195fc74f750e88d3

    • SHA512

      5fd50fb68fa83ffcfdaf13b3c6fa1666e5216cdcb8ce8a710bc9ec52ef9fbb969b1c90bb136e53bebe62dc846ba3dd6633b74f54d2ab92b1abf169f1432bad13

    • SSDEEP

      786432:GGvSsLI2WswZg1yjDwySmSQkcc4eH5L1kSOfqYVMze8:GaS/3fZg1SDMCkJefqhZ

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    • Target

      plugins/1-1-0(beta)/avslib/filters/channels.avsi

    • Size

      8KB

    • MD5

      fb6ab806bd57b7d8aa4e35b722b19030

    • SHA1

      3d67cf0348b81d3f61c7c928102728784f53fc8e

    • SHA256

      8b1b3d80afb73b6cd43519a4a2c52a608e2d7a258d9f288ca923787c5e9dabd5

    • SHA512

      b8d04957421341b987f6172a7a95884125a5766660bb271824e2a290422c06014cbbda3ac40e4a7992b4cc794a1a17116a31016d0234da3263eb3a33665461ce

    • SSDEEP

      192:ubgCWEIN2jvtlGxIb9+6lZURCfbrg2I+w+t6:ub7lGCb9+uZU0w+Q

    • Score

      1/10

    • Target

      plugins/1-1-0(beta)/avslib/filters/edit.avsi

    • Size

      11KB

    • MD5

      94767535b5a115840ff66f5b96073b26

    • SHA1

      4de59be5a70d300e393525a4157595fc35c1f388

    • SHA256

      657fbb4d1b606547db3b14c04c475f9665b5d6e4d22690876670186f286e5344

    • SHA512

      355a82d8db7b12218310525d59318545471c06ab0c42bba18bc8709ae749f92dfb5394526755f72a65e4f389cc5a88a114396575546dac030256b2726346d88a

    • SSDEEP

      192:vbEgTpX/wqep7ioPuyA4pDvk1+sMDsTTbnA06wr160VTIGq2VRH:vbNpX/wqedioPuyxG1+sMDsT/A06wr1z

    • Score

      1/10

    • Target

      plugins/1-1-0(beta)/avslib/filters/resize.avsi

    • Size

      10KB

    • MD5

      73fc2f6ce9aba1595e297d24ca45b0c1

    • SHA1

      f2e3c6672eea2a226db10aad6404911522103c81

    • SHA256

      9fb4eb40747eeab42e9b672ff91eafb29d96202c3ac5858d4556adb14eb17b1d

    • SHA512

      8ef4da3c4121cde55c4cae92e9e42905fe8af5786f0208af18c4de003ada3f0c7f53ec83a49267966726e1dece65a49375ac7cd4446d6dca057118c43a90a249

    • SSDEEP

      192:91b8Xwb+VyQOOWsZ3HGzt1n+Gm35TPR8XI53FbGjItm:TbLOWsdFTPR8Y9RGjItm

    • Score

      1/10

    • Target

      plugins/1-1-0(beta)/avslib/numeric/powseries.avsi

    • Size

      3KB

    • MD5

      f3b9ac6e202fe8e894b6eb5b4ec42ca2

    • SHA1

      f5fbd537cf4df124e1884ec5f73b7be7f4f26bc2

    • SHA256

      8323678e745d5a317ad31135534c0079623a302938a837caea1f4afda896a995

    • SHA512

      3874cb6b838d42d157acdf63b120e68a902b293652bcd4bc370646fbeb558bdc1f49226b9e365a996de984c3a15e8890c65209f765b830f1f43aa0bba537c8cc

    • Score

      1/10

    • Target

      plugins/1-1-0(beta)/avslib/string/core.avsi

    • Size

      9KB

    • MD5

      ca3ac44cb36a6dd2fcfba165134156bb

    • SHA1

      4542c999b08762ebca1db27a8776c9961ee83c14

    • SHA256

      d09e1fafd884e0ab0f837a1fc51b9ac5cc6157ee5d64800ba498cea9546f247b

    • SHA512

      4d749477547a7ac615ded4c391826c16a097531e2b892d8f3768cdfdb65d780c19a7f35c6afb0cc07900549b486ad3ddb542dd401fcf4f97af7d20fc5701a7a8

    • SSDEEP

      192:ibcfwubLIGXSlHkYd+d0hG+0KPmKbb45gJweHq:ibQlXSuJSh0K+Kb2PeHq

    • Score

      1/10

    • Target

      plugins/EffectsMany.dll

    • Size

      368KB

    • MD5

      6717d63e93173c32932700151b1c3635

    • SHA1

      27a7a40eb4a51c98ceadb12ee23adf799170e541

    • SHA256

      c784b86d061dc12dd13ed219f776979109bbccdd66c4109563597c08ad9af68b

    • SHA512

      be04ed55c22dfc84b52b215091fa0752a373d05b68cdb083ffa39251e58bd75824b3945a60841752ce40f207343d6940306a50fd4c6b353e1dc385308d49d64c

    • SSDEEP

      6144:BrtVLdhOfHzxLTNEtbiemSk2S3VG+AktSZppny7VVRfWCf9m3R+d8fyhYLiZMVB5:BXdULitOeOPVHAk0ppy71f7f9PuQw

    • Score

      3/10

    • Target

      plugins/loader.avsi

    • Size

      5KB

    • MD5

      4e293a84fb1fa03defdaef3f3cf51d1c

    • SHA1

      d012b45bc4a428b4ea8be314ce7365bdf915c5d8

    • SHA256

      1e16a07f2d1a60cef1aebfaf26aefe9db1bcafdaf90476bbe8ccb7b18994add9

    • SHA512

      b9d9248e0f9598c173abb21f407425cbd386d4fdaaafe02228b757b97071c68396b56d931be36027d08b52afce6238d33baa29c6b5cb0565917e48bca5e8417f

    • SSDEEP

      96:wRp0jk2jEnNb92gq7u2RfOJDFmfjsH2sp89CrmCETFE4FTvtvR2:saj9Gb9HcwUwHRp89CrmCETi4nR2

    • Score

      1/10

    • Target

      plugins/soxfilter.dll

    • Size

      239KB

    • MD5

      74fa1740a5bf8a4501c32df7162bb4af

    • SHA1

      49113e4392516589e84d4a24353f587a4e361f14

    • SHA256

      952c8d8e409bb836dca9a557cc0c3335f1562d64fd050d89c48e012378a8cb50

    • SHA512

      21874af611c204c857659aab9b1834457a5b486f0c0ffe1f8ca5eb20c24f73d6828c7665045b32ed2f37ce997cc4f6a098fba600a5b9cca2261c680ad396409e

    • SSDEEP

      6144:g5Hamu/RTZu7RlP/ohBv82PHVfdl4YsVNPyZK/sOtqT:fFu7RlP/oPDPHJsHyZK0

    • Score

      1/10

    • Target

      pthread.dll

    • Size

      29KB

    • MD5

      bb88d1b531a5fe4e1640ae53c24d60ff

    • SHA1

      4830d599e6c5a44a4dfdee39b78adaf2f3442a9c

    • SHA256

      b5e8772681839066e9a3918eeb6cdf07e4ec3344b2e3d2e9a4a283ae8b098c48

    • SHA512

      466aa649a5454b1aa801e04e6151351a85e623f4313bddf344fe8aabba3f45916385f5d4dedf1b49bef7fbeb7623f8774d37fe35c6042c6c89618dd146cdb04a

    • SSDEEP

      384:ZPhkOMZXDNZCspyzDh1jxKnQ7SeWDA3aiYPymYNYbb5KJ40c5NP4bRCCliH32Jgx:ZPabwXtoYjWc0aamWNRCliH3Ygh

    • Score

      1/10

    • Target

      real-supports/codecs/colorcvt.dll

    • Size

      536KB

    • MD5

      fee174fa75745239446f0d1f1d365c28

    • SHA1

      d86a90f33a507fbd8278cc58b1d0c2ce6fb809a2

    • SHA256

      219a8e99b8002e72e48732d502e3a6bb194b4554104f9e58d4a28d443a1ebdbe

    • SHA512

      159456dcd6351c443f1379fd44de3a79ed624cddd1bbb91e778a9865eaf6557f52189096ac54d4c5d9b0b73147ae7705a3e2aca2e6510d36644757d273475afa

    • SSDEEP

      12288:5LfLv74Iq4S1K2hTxlSLR8QegKXHLEU+RONk76RyP0oBrfdtW:NnMuR8JxXHLEU+RONk76RyP0oBrfPW

    • Score

      1/10

    • Target

      real-supports/codecs/cook.dll

    • Size

      64KB

    • MD5

      fec421f11f3e143665387a26b05b696e

    • SHA1

      881df4f3e97fcb2e671f4dc54ba6b5d56f0eff54

    • SHA256

      a51bff72ece803500283517ac3d35e25d17295b094cb453687b75d159353bafa

    • SHA512

      f30ae4ff177c625daaabafd497e191e98571a0a35de096bbd54a406cd56f85998269d9f720b6beeb192bafd1a6ef5a0e747ef313bd0c450f747e199e6380c1f6

    • SSDEEP

      768:tBrGeYp8LkLF7JlJa6Cvu+iZK4nGlo7dCYtVykJK+t6tj6tVDWBE3Ghv+XbG:tS8LkzNCvViZNnyYdRK+t6t1F

    • Score

      3/10

    • Target

      real-supports/codecs/erv3.dll

    • Size

      260KB

    • MD5

      c1c3701481221ab39365c2f300643a63

    • SHA1

      1983aa9bda31856cc000e280aecd906f54b4e0fb

    • SHA256

      91d5a17ff6fcfab890d24d57c9c64f03f540979e949d4883433cc44b8cc32700

    • SHA512

      c115c4599716cf43d0fd3a450af14a7655a486c2b01dcb02ca4ea8413716c924f57e1b37195223d70b87414fd1b6f86e66ec4ca85ec69aa3b7fde7978dcd2a95

    • SSDEEP

      6144:nwbEScIpZH6B7HZDQAfmLSieQu/tWOwFt5ZRsNZmljEz7:qE4aBTZDX7T/thwFt5Z+ZmlYz7

    • Score

      3/10

    • Target

      real-supports/codecs/erv4.dll

    • Size

      468KB

    • MD5

      93b0942d1a70b8d7d59d90089e246c25

    • SHA1

      2170eada30779af102964ea05dd8a6f449876c97

    • SHA256

      3b27565278cc6b3a499f3eb041161a8e1e002d7fbd7ad17be79bff79e0f5cbbb

    • SHA512

      e01efa89d17de9658e7974db3ae1edb4849aa41d3ca966a064ae4da68631f83f19450642c515188d13ac4988fe5a2016322c3242445243990cb2e8820d9e4127

    • SSDEEP

      6144:02yjLfQhD7QvWTM9HZ5kf7kqHda6aDKfFZSScAoyus7Vd/pojh1vczmDJ1u+BilC:eBHzaI/6ymF520j/pch1vcCDJA+8lYz7

    • Score

      3/10

    • Target

      real-supports/codecs/ralf.dll

    • Size

      152KB

    • MD5

      408d468086d281f526a84836e0c49e71

    • SHA1

      2e339077d0c5bdd0e0a6db892054289e24ad7682

    • SHA256

      b07cc92e6cf0a2609bb20bef9a4d469a77c6cce6bc5a147f4125a456cdb429ec

    • SHA512

      5a6689890bbc3f13925d73076018f8ebb75f314e732336a8163d563b2959c48d11c347be997c1f9ee5459afe52134500a11ffbab94b8fb632c8597f1d375c096

    • SSDEEP

      3072:sHWOqg0q2eZa8tMS+4L2XKhQlR9k2AX4G2c78RUtq82OEk74n:gZD/Za8x+I2ahwDAXt2cgRUtV/LE

    • Score

      3/10

    • Target

      skin/com_skin/imgettingstartedweb/Brownstone/GettingStarted.html

    • Size

      1KB

    • MD5

      3baf23d4a24863f6edc40121b587a6a8

    • SHA1

      4e68aa36ff9f5f7678c7a638ef9961f765798a47

    • SHA256

      a2c5344617ebc8faae8b2475e806d823b75c764810937d3be632caeae4477e62

    • SHA512

      d6851ae4ad1ad46ab2fb4ed24345593b0888a05af9274f939d585f2db32b7a064681cfa238fa0e8aba12803596accaf14515851fee85302912ff81ebd40220f5

    • Score

      1/10

MITRE ATT&CK Enterprise v15

Tasks

Task           Tags                         Score
static1                                     3/10
behavioral1    discovery, evasion, trojan   7/10
behavioral2                                 7/10
behavioral3                                 1/10
behavioral4                                 1/10
behavioral5                                 1/10
behavioral6                                 1/10
behavioral7                                 1/10
behavioral8                                 1/10
behavioral9                                 1/10
behavioral10                                1/10
behavioral11                                1/10
behavioral12                                1/10
behavioral13                                3/10
behavioral14                                3/10
behavioral15                                1/10
behavioral16                                1/10
behavioral17                                1/10
behavioral18                                1/10
behavioral19                                1/10
behavioral20                                1/10
behavioral21                                1/10
behavioral22                                1/10
behavioral23                                3/10
behavioral24                                3/10
behavioral25                                3/10
behavioral26                                3/10
behavioral27                                3/10
behavioral28                                3/10
behavioral29                                3/10
behavioral30                                3/10
behavioral31                                1/10
behavioral32                                1/10