General
Target: DirectoryOpus.zip
Size: 37.8MB
Sample: 240223-qm315agd9y
MD5: 6ebb13f501b4d0452eeffc08fa7fb381
SHA1: e3788a1bd46d06ebe7185b6a3660a4dfe06cdb52
SHA256: f0be34597af1f13ecb5297508075745ee2af467564bd0ed6fc025a4885924456
SHA512: 77355748caac5aef0682db26623077cf998751912dbcbd560f6fc0dc7e2b4a1b24b389faad1cdd721488bf86055fefb2d3105c988195e6901f02e4b21a130c4b
SSDEEP: 786432:mwxb7qwgheERJM+7O5XVvoBUHMGVQsmcO0zaTCySuuvWWFtKiS6peMiLeH:ms7ypRJM+7eXVvoBGMGrmfjlSV/j3iU

Behavioral task: behavioral1
Sample: version.dll
Resource: win10-20240221-en

Behavioral task: behavioral2
Sample: version.dll
Resource: win10v2004-20240221-en

Behavioral task: behavioral3
Sample: version.dll
Resource: win11-20240221-en

Behavioral task: behavioral4
Sample: Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Download Latest Cracks and Apps from CracksHash.com.url
Resource: win10-20240214-en

Behavioral task: behavioral5
Sample: Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Download Latest Cracks and Apps from CracksHash.com.url
Resource: win10v2004-20240221-en

Behavioral task: behavioral6
Sample: Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Download Latest Cracks and Apps from CracksHash.com.url
Resource: win11-20240221-en

Behavioral task: behavioral7
Sample: Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Setup/DOpusInstall.exe
Resource: win10-20240221-en

Behavioral task: behavioral8
Sample: Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Setup/DOpusInstall.exe
Resource: win10v2004-20240221-en

Behavioral task: behavioral9
Sample: Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Setup/DOpusInstall.exe
Resource: win11-20240221-en

Malware Config
Targets

Target: version.dll
Size: 67KB
MD5: 47f8ae27b9bd71108a86280e1c725e37
SHA1: 9a398eb8fe991fbb2c6bdf57b60f8c104127b2cd
SHA256: b4e35d2d294ab6ef2b028b11766cdd52365b7347bc0255f37de3148984ea3016
SHA512: 1fb3dd049a636607dbe199be96eef883b220da15308582dc5322add5be68ed01d567a5f53f137f63f837670841d81d971482d2cdaa9882950f200a8565d147e2
SSDEEP: 1536:fVBOTgnOd9kcb98pJJXZIMZW3Lb2EU3rCSm53VmckVPxIiT:+Hwcb98pzXZIWW3vbU7p8UckVPxIiT
Score: 7/10
Suspicious use of NtSetInformationThreadHideFromDebugger

Target: Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Download Latest Cracks and Apps from CracksHash.com.url
Size: 117B
MD5: 2fe280a0aeda1ec09a93f82d81219217
SHA1: b5e8792e2b7f729e714e1a8008fd9fec54f4eb8d
SHA256: cdbfe5133e2845993b32f14966ee8998ef5c4593234065b8dd5081cb5ec69631
SHA512: a34929f385b1302385f7f0d774ddd74d0c922e10f6b1b84fdf3e554a1a9e564abe08b65eea70a5c6060711467e4dfa8e587ce861272f8ea3e0b576d3150af3cf
Score: 1/10

Target: Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Setup/DOpusInstall.exe
Size: 38.1MB
MD5: b196ebf4b0efe4ac9c000ec610e35e24
SHA1: 7c8a7d338948d01c312e31af7a8a8bb6cb32a1f9
SHA256: 316b7f525888eb67944f527e4ac50d7ce960e90658ffb715bf0a1fb9e3e52ac9
SHA512: 30038ab28015ed534b09f3fb8b29acc872dc30b68669faa7545e0d6f5e561279c8d923f47fae62bd371a2eb8d9d1591b0f092ab59bf873863b81d4053d28743e
SSDEEP: 786432:qi5dfOognme1j48rkdNXtUzWJQmpg8+MSAzUtq0ksEhoM5PmgcKHYM2Da7:q2fSb1j48ruNXtUz4QmR+z7vk7VFPWi
Score: 6/10
Adds Run key to start application
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Drops file in System32 directory

MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution: 2
    Registry Run Keys / Startup Folder: 2
Defense Evasion
  Modify Registry: 3
  Subvert Trust Controls: 1
    Install Root Certificate: 1