Overview
overview
7/10
Static
static
3/10
bandicam-1-6-en.exe
windows7-x64
7/10
$PLUGINSDI...ns.dll
windows7-x64
3/10
$PLUGINSDI...LL.dll
windows7-x64
3/10
$PLUGINSDI...fo.dll
windows7-x64
3/10
$TEMP/BDMP...UP.exe
windows7-x64
7/10
$PLUGINSDI...ns.dll
windows7-x64
3/10
$PLUGINSDI...em.dll
windows7-x64
3/10
$PLUGINSDI...fo.dll
windows7-x64
3/10
$SYSDIR/bdmjpeg.dll
windows7-x64
1/10
$SYSDIR/bdmjpeg64.dll
windows7-x64
1/10
$SYSDIR/bdmpega.dll
windows7-x64
1/10
$SYSDIR/bdmpega64.dll
windows7-x64
1/10
$SYSDIR/bdmpegv.dll
windows7-x64
1/10
$SYSDIR/bdmpegv64.dll
windows7-x64
1/10
$TEMP/bdfilters.dll
windows7-x64
1/10
bdfilters.dll
windows7-x64
1/10
bdfilters64.dll
windows7-x64
7/10
bdcam.dll
windows7-x64
1/10
bdcam.exe
windows7-x64
1/10
bdcam64.exe
windows7-x64
1/10
bdcam64.dll
windows7-x64
1/10
bdcamih.dll
windows7-x64
1/10
bdcap32.dll
windows7-x64
1/10
bdcap64.dll
windows7-x64
1/10
bdfix.exe
windows7-x64
1/10
General
-
Target
bandicam-1-6-en.exe
-
Size
5.0MB
-
Sample
240222-zmxzjsfa61
-
MD5
b3dda3747f13053c8d42651b898ae81b
-
SHA1
04c3878ff05f1dd2a190ff7824bcfe6e64be70e0
-
SHA256
e2bda9dd998cbfc495ad3c077b0340447ea325de375953fe7400b3044147730f
-
SHA512
917d197afea2fc2320ed37ffe14b6eb9ade60d4b3bbbd062184c07c92444b13ae27f2e1df63728d335461b6e7d8139d147906102c0e102abc4e954dcfd77b8b5
-
SSDEEP
98304:NPhahnEm71/Cs8awInQ9hBZ8XcoaRI5fRrZ8mO2zMQmhBhrqfDGi+4iVPcPx/:NPPmGawIBXcoaMRrZ8mz0Rrgii1jx/
Static task
static1
Behavioral task
behavioral1
Sample
bandicam-1-6-en.exe
Resource
win7-20240220-es
Behavioral task
behavioral2
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240221-es
Behavioral task
behavioral3
Sample
$PLUGINSDIR/LangDLL.dll
Resource
win7-20240221-es
Behavioral task
behavioral4
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win7-20240215-es
Behavioral task
behavioral5
Sample
$TEMP/BDMPEG1SETUP.exe
Resource
win7-20240221-es
Behavioral task
behavioral6
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240221-es
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-es
Behavioral task
behavioral8
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win7-20240220-es
Behavioral task
behavioral9
Sample
$SYSDIR/bdmjpeg.dll
Resource
win7-20240221-es
Behavioral task
behavioral10
Sample
$SYSDIR/bdmjpeg64.dll
Resource
win7-20240221-es
Behavioral task
behavioral11
Sample
$SYSDIR/bdmpega.dll
Resource
win7-20240221-es
Behavioral task
behavioral12
Sample
$SYSDIR/bdmpega64.dll
Resource
win7-20240221-es
Behavioral task
behavioral13
Sample
$SYSDIR/bdmpegv.dll
Resource
win7-20240221-es
Behavioral task
behavioral14
Sample
$SYSDIR/bdmpegv64.dll
Resource
win7-20240220-es
Behavioral task
behavioral15
Sample
$TEMP/bdfilters.dll
Resource
win7-20240221-es
Behavioral task
behavioral16
Sample
bdfilters.dll
Resource
win7-20240221-es
Behavioral task
behavioral17
Sample
bdfilters64.dll
Resource
win7-20240215-es
Behavioral task
behavioral18
Sample
bdcam.dll
Resource
win7-20240221-es
Behavioral task
behavioral19
Sample
bdcam.exe
Resource
win7-20240221-es
Behavioral task
behavioral20
Sample
bdcam64.exe
Resource
win7-20240221-es
Behavioral task
behavioral21
Sample
bdcam64.dll
Resource
win7-20240221-es
Behavioral task
behavioral22
Sample
bdcamih.dll
Resource
win7-20240221-es
Behavioral task
behavioral23
Sample
bdcap32.dll
Resource
win7-20240221-es
Behavioral task
behavioral24
Sample
bdcap64.dll
Resource
win7-20240221-es
Behavioral task
behavioral25
Sample
bdfix.exe
Resource
win7-20240221-es
Malware Config
Targets
-
-
Target
bandicam-1-6-en.exe
-
Size
5.0MB
-
MD5
b3dda3747f13053c8d42651b898ae81b
-
SHA1
04c3878ff05f1dd2a190ff7824bcfe6e64be70e0
-
SHA256
e2bda9dd998cbfc495ad3c077b0340447ea325de375953fe7400b3044147730f
-
SHA512
917d197afea2fc2320ed37ffe14b6eb9ade60d4b3bbbd062184c07c92444b13ae27f2e1df63728d335461b6e7d8139d147906102c0e102abc4e954dcfd77b8b5
-
SSDEEP
98304:NPhahnEm71/Cs8awInQ9hBZ8XcoaRI5fRrZ8mO2zMQmhBhrqfDGi+4iVPcPx/:NPPmGawIBXcoaMRrZ8mz0Rrgii1jx/
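Score 7/10
The score is driven by the behaviour signatures listed below; the Malware Config section of this report lists no family or configuration. Installers that register codecs or capture filters commonly trigger the same signatures, so the score is a prompt to verify the file's publisher signature and origin, not a verdict on its own.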
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
15KB
-
MD5
6e663f1a0de94bc05d64d020da5d6f36
-
SHA1
c5abb0033776d6ab1f07e5b3568f7d64f90e5b04
-
SHA256
458b70e1745dc6e768d2338ccf3e6e86436488954ca3763472d8ffec4e7177e4
-
SHA512
2a037c39f3a08d4a80494227990f36c4fef2f73c4a6ad74dcc334317a1372234c25d08d8b80d79e126881a49fa4b3f2fffe3604c959d9ceceb47acc7192cc6a5
-
SSDEEP
192:VsIZHdT9uwYX94kYd2iCzHR+yK7imphLAykycpKPd5mj8ozxGUWumle:VsUHd9GN2d2iwl0impATIPdAj8Ov6
Score3/10 -
-
-
Target
$PLUGINSDIR/LangDLL.dll
-
Size
5KB
-
MD5
8e806ea2e205dc508a2fb5adda3419db
-
SHA1
21beab4e309b139fdcca7dd708df8dbbfd2dd5a3
-
SHA256
86a55734b8802051bbbd0e8c9c506d0ca985bc5c99113e99b309469046133937
-
SHA512
6b362bdadd6801ceb6106485015a4ae6d227dc04c1397a730ac8fd44b00649876ee7cbd0d7690b41dcaa8451c94e9f5838daa9fbc21f7306740de89667468cc1
-
SSDEEP
48:aTT4WeApYxYlxamAWHN+EuWkGWBBWAGr9SdLB8maofYZVSA:bWGSxamjHNDuWRWBBWvm6V
Score3/10 -
-
-
Target
$PLUGINSDIR/UserInfo.dll
-
Size
4KB
-
MD5
351b802508ee5462cbf7f35454a9dca6
-
SHA1
7b9a1bc758e10af02124143680f636853b421da1
-
SHA256
39275ee1767aac3ae0929a3e67a84a921610b45d5cfff3db1641893504d5c78d
-
SHA512
6b0a4a500597fefaceb5eab79737d4f8dd253bb6bf8c263699314deda417763857b4407457d877b28f7a9c1f40a241d378ccae80c68541ff3f102eac8a6ff8d2
Score3/10 -
-
-
Target
$TEMP/BDMPEG1SETUP.EXE
-
Size
1.2MB
-
MD5
0589ff5a72fe0c792e804734792694f9
-
SHA1
e27158e3e714625f2adcc27afd83b182e83b037b
-
SHA256
2705379fddf8dd2841cfd384f48fda20d7012d1524ddc529efcd0631f68db70f
-
SHA512
ea385c072de2d01a6e5b46dfcb7b7c12011d6138e837fab8fc147bbd0869e251452e645239a4b88cb675e525eb4abff76386d16ec4cb21ffeac6c5e5cdbea7a3
-
SSDEEP
24576:l+dgmOVgcy4PoAcEBGN6LS6/jlmdLxJGOWdREJTzaCCiIEOm7c6KcB:l+zD4AARBGNAwx4OWzEJTzt1Ox6DB
Score 7/10
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
14KB
-
MD5
325b008aec81e5aaa57096f05d4212b5
-
SHA1
27a2d89747a20305b6518438eff5b9f57f7df5c3
-
SHA256
c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
-
SHA512
18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
-
SSDEEP
192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
c17103ae9072a06da581dec998343fc1
-
SHA1
b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
-
SHA256
dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
-
SHA512
d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
-
SSDEEP
192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score3/10 -
-
-
Target
$PLUGINSDIR/UserInfo.dll
-
Size
4KB
-
MD5
7579ade7ae1747a31960a228ce02e666
-
SHA1
8ec8571a296737e819dcf86353a43fcf8ec63351
-
SHA256
564c80dec62d76c53497c40094db360ff8a36e0dc1bda8383d0f9583138997f5
-
SHA512
a88bc56e938374c333b0e33cb72951635b5d5a98b9cb2d6785073cbcad23bf4c0f9f69d3b7e87b46c76eb03ced9bb786844ce87656a9e3df4ca24acf43d7a05b
Score3/10 -
-
-
Target
$SYSDIR/bdmjpeg.dll
-
Size
15KB
-
MD5
2ac3988bbee9584c57efcff61616e105
-
SHA1
cd92b3c225b497962cb90b1f5a68b5da42cb6ee3
-
SHA256
9c260db97b168d699148dc58d9b013834052e610fbcc78da1c4d7cc2d33a0ce2
-
SHA512
53eeca7a1c983bee04f6f923ffd14d4a44b13be407c10bbf854d06da1d397e36d19a0d99f0f1a8a66304e38f90f07fc2c395b37e4a8893bfb5a017cf4b3c916e
-
SSDEEP
192:Jc7HKZhkNpB6zEjPAS/Qjbf32oXX3WLjSHB772HXrOR3Xp9EqQSp1Bz3F:Jc7FKQ6moXX3WaHt2HbOtj1Rz
Score1/10 -
-
-
Target
$SYSDIR/bdmjpeg64.dll
-
Size
17KB
-
MD5
77927b449d56412b0ab6590c64eab57b
-
SHA1
396e62b9bceb8df74e23f8195b46a0866f8fc103
-
SHA256
dc3f4851ea55efa525e79c83c6541f0530caf9912d66abbe38b213ff5eeaa0e2
-
SHA512
a96036ddda07c3fec5e0c5a642c1e07da69c4927036c0be661c94f596a9cdf4c7535d1a752f1d4d60312e11685f74fd3a1dbc42beb0d7617d525a2776c36cca4
-
SSDEEP
384:lJDZG0KBK/dtPG+6/EbeTnf3B7ydeR5ajfyOlo/:9z5eTfVtW2Olo
Score1/10 -
-
-
Target
$SYSDIR/bdmpega.acm
-
Size
57KB
-
MD5
5c4b1aef2352cbf6974464fa2276a54a
-
SHA1
ba6fc5ab6836418d2a79dc67e2cf4305eb969d6d
-
SHA256
4a5afb70467d433040a3e31574de84058ce78f75ee5cea944ff6e00c6b232b0a
-
SHA512
c0274c1ac86637567188940159936acc6eeeccbf4247bb7ad7dc1c5f5da8d27283ca23270bc03de534e39b8cde0475d596e55f37419d7e45098c4c71b9f907d4
-
SSDEEP
768:522IN9PYUY9gpi00laScPILN0M7AoA6Obh0vaTxDcFMbjmzc8R+R:k2IPPYUuguZ707dBDZbatR+R
Score1/10 -
-
-
Target
$SYSDIR/bdmpega64.acm
-
Size
61KB
-
MD5
15f294a30095669856f7ba556af0b679
-
SHA1
991dd83adf483624c7e34b1ff02e6d3855a51282
-
SHA256
64c8b2367272b8947163b359fca4353412b84e56540b1971bac3a867a1da3c9d
-
SHA512
f56ce8a68017b7ed27df82000bc4b083c52b4e3bed4b641d79b6cc685fb3568ad0e7d1223d8a9c417d263ae0782a76ff0f263ab87b75d98cf19a70b8b04a595a
-
SSDEEP
1536:Z2WopVs/uBbcwOTlZTd7wOtOOGr1aAv7E:IWopC+bly7fOOGr1aAv
Score1/10 -
-
-
Target
$SYSDIR/bdmpegv.dll
-
Size
57KB
-
MD5
4209e06b0b1dfffb1bc37faad2ecf79b
-
SHA1
bd9967407d8cdf42d0b1ae71e40e3b1d540c42b7
-
SHA256
c110b9f37061b7b7e97ee84ace455b4d12457e2b2ec20cb864685faa0bdef877
-
SHA512
0b244985f449a9dc68dd2dceee0260380f01192888190d334130848bdff382db25eb6aeb29e739d091277ecece485de375d4c81df24bc44541a5cfead8d47816
-
SSDEEP
768:Zxgp+ksjhdgwxdlAdRpIPevJ9kIgKuAz9aEuG6dA+9SFMitgc8Rs/C:ZGp+kyjgKeemXkIh9FixzyaRsK
Score1/10 -
-
-
Target
$SYSDIR/bdmpegv64.dll
-
Size
61KB
-
MD5
41243f42f45fa48b4510014f016ba2a6
-
SHA1
66812776ebec20a526334445467c9810fdffb832
-
SHA256
790ac30c76936939ec14e53093f305e53a0b8025b4459636033570799ee08c13
-
SHA512
a84b738318312922d01249e8103872c6bffd549690b49a1ccadd3f35db1cb5cdae3ea87e8de8b8a85a7db6603d8d6c2e0214d6c66852da0b9153268863b0c2e5
-
SSDEEP
1536:WwNeq0qunMKNTO4ZXuhZtaDJfLbr0dg/HRm3:W6eq9unMK9whXaDlLbr0dg/HRm3
Score1/10 -
-
-
Target
$TEMP/bdfilters.dll
-
Size
3.1MB
-
MD5
ce7771d46984248bdda017f5c6f608f7
-
SHA1
1dc0f86c9b4752463b59d5070f59f99f63cc5ee5
-
SHA256
a8e95fede4a8df0bb8881d19f2d81fd87f37118c8e93004e0857cebb996f44a3
-
SHA512
b1e267f91c05544b4a02e57601e021934ba884eebfc51277cefa917383a1c1ec85ddeb3b5f927885967e46a0cb97adceae81443a6423fbbc2a598e717d279fb3
-
SSDEEP
98304:o69qYpGOg2/rPiYmjDBmmhjOF5oggxtaIrZfVvvv:oYqYpGOg2/rPiY9Evvv
Score1/10 -
-
-
Target
bdfilters.dll
-
Size
3.1MB
-
MD5
ce7771d46984248bdda017f5c6f608f7
-
SHA1
1dc0f86c9b4752463b59d5070f59f99f63cc5ee5
-
SHA256
a8e95fede4a8df0bb8881d19f2d81fd87f37118c8e93004e0857cebb996f44a3
-
SHA512
b1e267f91c05544b4a02e57601e021934ba884eebfc51277cefa917383a1c1ec85ddeb3b5f927885967e46a0cb97adceae81443a6423fbbc2a598e717d279fb3
-
SSDEEP
98304:o69qYpGOg2/rPiYmjDBmmhjOF5oggxtaIrZfVvvv:oYqYpGOg2/rPiY9Evvv
Score1/10 -
-
-
Target
bdfilters64.dll
-
Size
3.7MB
-
MD5
79dd4a67830c508079eccdd8c1332cc4
-
SHA1
f8a4fba282d40b8c1a9bf7339cec1e3d947d321d
-
SHA256
87c92d2e700f9a3bc62630be3a92e2df01d8d497afcf30d466d65f926a65f230
-
SHA512
2605d00cb14957384e1016a1f0e587e8c38a303814374ffeaf74504b8cd92d432c875b72d44b7a8565fa9c209d3d899560c4d47f7bf568a141b7100bd2525545
-
SSDEEP
49152:rf2EUD3PQxTTvfwBvvfrsdBD3PQxTTvfwBvvfrsdBD3PQxTTvfwBvvfrsdyy1y6o:CEcn6QwJFPvvv
Score 7/10
Registers COM server for autorun
-
-
-
Target
bdcam.dll
-
Size
433KB
-
MD5
65e41d4d1b4026f613327bc8afa459ea
-
SHA1
bbb158ecfc93d345e3c64cd9ea7b5f1f0e875f20
-
SHA256
2ea45b8f233b61fc60058368eac9cec9f4f46f8cebc1f5ca4799a84a82e3e838
-
SHA512
aeb1177843aba73e7dc0f4672ee51c99d193aade7f88bab89adca12b2833f4420c01cb13424cda2061912df3afca4a1571e9090d44c9ec6ee5460156af558cdd
-
SSDEEP
6144:MSCt0Or771BggnS26o42wcPXkE7DexPkkeHhmPiY2sCOIwU:DC0Or771BggSf8DexskeHhm4sCOi
Score1/10 -
-
-
Target
bdcam.exe
-
Size
975KB
-
MD5
907a27105e6792d926220de1d69f9a90
-
SHA1
d512f68501ace290604e4ab6f45bfd4361045301
-
SHA256
c6700c69f3430da3fe9548d116e18b312ede6746eedf24dfd20aa42b6f70e249
-
SHA512
779d5a0f41ded1cc3b6ab9d8c04d7ce4c2f5bf4207aa56ebf1ae530ac828fd6d953c9d623e815fdaddfba00c7a9da7678cfdaebe3e23e9e8d4538cae7c276a1b
-
SSDEEP
24576:eL0ijEO42ldDBr/meL/zp8EVggU9MTXg6gVni:eIO7J9/VggTTXY9i
Score1/10 -
-
-
Target
bdcam64.bin
-
Size
343KB
-
MD5
2fc6fd53536961b070df7ba5caebf10b
-
SHA1
224a957cbcc956d2243691a2fca06b233e01b5e4
-
SHA256
58f7639fc9cfdb8266e48b743cd574c0a371e4286d75f50f8338305824f3dc84
-
SHA512
6e5cde246eb8a6e86fac139fdbd9d8f58a7d000d60027cf214149bf1544324a0ba56fd822ba0c5a652b095c046d0582f4a71429e20877a8f0325fbb3d05edf62
-
SSDEEP
6144:rW/wfSL8s+0ExBHGXY2296E0NnHQPH3qH6oSQkoKQvF/p/uwONct43D92UF:C/K0IBHGXI30NHQPna9pGHNu4B2U
Score1/10 -
-
-
Target
bdcam64.dll
-
Size
527KB
-
MD5
6735e157c2dd2f016544d263e8eb5165
-
SHA1
b7e6d8cb10f99b216c87b08660e3cd6a674220f1
-
SHA256
d78eeab3e08f311f276364c2c0327cf3992b15014b2bb9abcbbf683faa51e2a4
-
SHA512
b7035578e97fdbb42e75348974f901871faeea7a9f6a864489b37952fa4967b714db810bd1f86dbe266028675894c1ad427b499accea339bd1f5514e825ad90a
-
SSDEEP
12288:l6CfG+QDsn6g7zmpXXTt19CJYMSkp2PYiOzABObwF1yMxxrkK:swgDsn94XXTr9MYMSkp2PYiOzABObwFb
Score1/10 -
-
-
Target
bdcamih.dll
-
Size
44KB
-
MD5
718e3524077efbc6a9200953cae73f3e
-
SHA1
d5427e5dc824f0e9574a8a7d50e310a0c29296e6
-
SHA256
8328c2cf7e784fd9819d851c036b9ad42cc78540416250dd6afd663577aaedfd
-
SHA512
464f83f143e299478bf565845e9bc058af6c8eff24fd9cffe5582c948dedfa0cf956d9b94b469a65d02e382c6f009b7eeec6607e6a52aa0ed085ceefb3fe7c25
-
SSDEEP
768:DW5iWnxhudTWfqhV3xosqu4SPDbRzg2ORpN:C55eos1Pd6Rp
Score1/10 -
-
-
Target
bdcap32.dll
-
Size
7.3MB
-
MD5
dbd6094a7248f7a4bd755adc55f095da
-
SHA1
cee1d24d3d5ccee5523599eee6d7dd2bdbc98d95
-
SHA256
6939ff90e3e7f582b566fdf752e97ec4a345b5f90e6c957fafc73b493c997659
-
SHA512
ee19b29ae0050a2ffd1921d81b1e0b5411d19601cc06acf7d17e4eee27c007fe7fe69d12fe9adc9eff04a8e90caffdef37ac835b4d13abc3b745e4f0ce7eefb7
-
SSDEEP
98304:3gPAPZqYKADqYtZWOfCjqIlMdDBmmhjfF5oggfSsLLyn0vvvvL:3VZqYKADqYtZWOfCjqIlY0vvvv
Score1/10 -
-
-
Target
bdcap64.dll
-
Size
8.1MB
-
MD5
f4421e989622a0c2e4c0bd77a179c854
-
SHA1
cee242a535f59d8ca8f470116518d4c80ba9afad
-
SHA256
e0e958b9e002028900e48236041fe9a515e64d65d452fb541ae18fc93a482254
-
SHA512
cb8a85b3ed4e88ec565bbc33829992922ffc52fa9a71f9c91d6d10d212ef3da215f360c9483bee8cc620d9777b63b06904064db1440a0e75b91e12b60d68b110
-
SSDEEP
98304:0YLBTiCJjwa0BTKv4pqo4Tagwcx1wzcacRc+cz5ptQvvvvLs:B5LucacRc+clYvvvv
Score1/10 -
-
-
Target
bdfix.exe
-
Size
440KB
-
MD5
eeed3bd6972c1be2ed04886688db3e60
-
SHA1
3cb808d109349d5e6612012746a66e259880d0ce
-
SHA256
95e172c0359f8471d4f538053fe48a54a33cb7f5e64355692ed41e04d21cdeaa
-
SHA512
c6e1c147ea7e4e3e6fe3e8225342e3a392841eca1a1262e128c1502e75111c6124b7811f8c66aca046bdd8354cb47c536948668ef7b4aee2d2fc21bb52a86bd5
-
SSDEEP
6144:ViIwQE6bgUwMxP+iYkuSzrLaZnXh32kVLTvvn08GU+Fg95S4mOrOP8ulqD9A:Vi/Gn+iYAknx326vvn08GUdMOr/DhA
Score1/10 -