Analysis
- Max time kernel: 292s
- Max time network: 111s
- Platform: windows11-21h2_x64
- Resource: win11-20240221-en
- Resource tags: arch:x64, arch:x86, image:win11-20240221-en, locale:en-us, os:windows11-21h2-x64, system
- Submitted: 23/02/2024, 13:23
Behavioral tasks
- behavioral1: version.dll (resource win10-20240221-en)
- behavioral2: version.dll (resource win10v2004-20240221-en)
- behavioral3: version.dll (resource win11-20240221-en)
- behavioral4: Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Download Latest Cracks and Apps from CracksHash.com.url (resource win10-20240214-en)
- behavioral5: Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Download Latest Cracks and Apps from CracksHash.com.url (resource win10v2004-20240221-en)
- behavioral6: Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Download Latest Cracks and Apps from CracksHash.com.url (resource win11-20240221-en)
- behavioral7: Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Setup/DOpusInstall.exe (resource win10-20240221-en)
- behavioral8: Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Setup/DOpusInstall.exe (resource win10v2004-20240221-en)
- behavioral9: Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Setup/DOpusInstall.exe (resource win11-20240221-en)
General
- Target: Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}/Setup/DOpusInstall.exe
- Size: 38.1MB
- MD5: b196ebf4b0efe4ac9c000ec610e35e24
- SHA1: 7c8a7d338948d01c312e31af7a8a8bb6cb32a1f9
- SHA256: 316b7f525888eb67944f527e4ac50d7ce960e90658ffb715bf0a1fb9e3e52ac9
- SHA512: 30038ab28015ed534b09f3fb8b29acc872dc30b68669faa7545e0d6f5e561279c8d923f47fae62bd371a2eb8d9d1591b0f092ab59bf873863b81d4053d28743e
- SSDEEP: 786432:qi5dfOognme1j48rkdNXtUzWJQmpg8+MSAzUtq0ksEhoM5PmgcKHYM2Da7:q2fSb1j48ruNXtUz4QmR+z7vk7VFPWi
Malware Config
Signatures
- Executes dropped EXE (1 IoC): PID 2672, process DOpusInstall.tmp
- Loads dropped DLL (1 IoC): PID 2672, process DOpusInstall.tmp
- Suspicious use of WriteProcessMemory (3 IoCs): PID 4460 (DOpusInstall.exe) wrote to memory of PID 2672, procid_target 76; the same event is recorded three times
Processes
1. C:\Users\Admin\AppData\Local\Temp\Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}\Setup\DOpusInstall.exe (PID 4460)
   Command line: "C:\Users\Admin\AppData\Local\Temp\Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}\Setup\DOpusInstall.exe"
   - Suspicious use of WriteProcessMemory
   2. C:\Users\Admin\AppData\Local\Temp\is-M1CRD.tmp\DOpusInstall.tmp (PID 2672, child of PID 4460)
      Command line: "C:\Users\Admin\AppData\Local\Temp\is-M1CRD.tmp\DOpusInstall.tmp" /SL5="$7022E,39119681,803328,C:\Users\Admin\AppData\Local\Temp\Directory Opus Pro v12.28 Build 8189 (x64) + Fix {CracksHash}\Setup\DOpusInstall.exe"
      - Executes dropped EXE
      - Loads dropped DLL
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 85KB
  MD5: 269e20c08a480cf20685a645b1ee9a09
  SHA1: c8cb5d7fc506bd982bac244734e31e54d4adeb31
  SHA256: 80f8b49d1fbcc2db21dc5c1fc9a62c712de8f83691c245369280b32b6cf1f4d2
  SHA512: b3e77a66960b1b86335d3a5a27657dcf998376336138a19ecc343b91d090c9cf52b3af07700fd4882d1ba64d766bd55b8b5f4fc1ecd7e17fddbeafe2db1bb3a3
- Filesize: 2.5MB
  MD5: b589c1b34a069180a959b8e91b9c04d1
  SHA1: 8875ce4398d7517cd07a88acf52f694ab44952fa
  SHA256: 74b960394e32a1d52a3ba45111b0beb06395637e471832ef6e284736407376b3
  SHA512: acd0da0ffd40d2f06fdc9c183d18e4c19a31197ec3fceb0fd5c1d1bfdd265b15cf2e35496911be8f548d80d801ce0dce39390d050fbab94cb8e9d776f513198c