Overview
overview
7Static
static
7version.dll
windows10-1703-x64
7version.dll
windows10-2004-x64
7version.dll
windows11-21h2-x64
7Directory ...om.url
windows10-1703-x64
1Directory ...om.url
windows10-2004-x64
1Directory ...om.url
windows11-21h2-x64
1Directory ...ll.exe
windows10-1703-x64
6Directory ...ll.exe
windows10-2004-x64
4Directory ...ll.exe
windows11-21h2-x64
4Analysis
-
max time kernel
291s -
max time network
264s -
platform
windows10-1703_x64 -
resource
win10-20240221-en -
resource tags
arch:x64arch:x86image:win10-20240221-enlocale:en-usos:windows10-1703-x64system -
submitted
23/02/2024, 13:23
Behavioral task
behavioral1
Sample
version.dll
Resource
win10-20240221-en
Behavioral task
behavioral2
Sample
version.dll
Resource
win10v2004-20240221-en
Behavioral task
behavioral3
Sample
version.dll
Resource
win11-20240221-en
Behavioral task
behavioral4
Sample
Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Download Latest Cracks and Apps from CracksHash.com.url
Resource
win10-20240214-en
Behavioral task
behavioral5
Sample
Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Download Latest Cracks and Apps from CracksHash.com.url
Resource
win10v2004-20240221-en
Behavioral task
behavioral6
Sample
Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Download Latest Cracks and Apps from CracksHash.com.url
Resource
win11-20240221-en
Behavioral task
behavioral7
Sample
Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Setup/DOpusInstall.exe
Resource
win10-20240221-en
Behavioral task
behavioral8
Sample
Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Setup/DOpusInstall.exe
Resource
win10v2004-20240221-en
Behavioral task
behavioral9
Sample
Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Setup/DOpusInstall.exe
Resource
win11-20240221-en
General
-
Target
version.dll
-
Size
67KB
-
MD5
47f8ae27b9bd71108a86280e1c725e37
-
SHA1
9a398eb8fe991fbb2c6bdf57b60f8c104127b2cd
-
SHA256
b4e35d2d294ab6ef2b028b11766cdd52365b7347bc0255f37de3148984ea3016
-
SHA512
1fb3dd049a636607dbe199be96eef883b220da15308582dc5322add5be68ed01d567a5f53f137f63f837670841d81d971482d2cdaa9882950f200a8565d147e2
-
SSDEEP
1536:fVBOTgnOd9kcb98pJJXZIMZW3Lb2EU3rCSm53VmckVPxIiT:+Hwcb98pzXZIWW3vbU7p8UckVPxIiT
Malware Config
Signatures
-
resource yara_rule behavioral1/memory/1864-0-0x00007FFD61C30000-0x00007FFD61C70000-memory.dmp upx behavioral1/memory/1864-8-0x00007FFD61C30000-0x00007FFD61C70000-memory.dmp upx -
Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
pid Process 1864 rundll32.exe 1864 rundll32.exe