Resubmissions

24-02-2024 16:45

240224-t9jsjsgg37 5

General

  • Target

    VCDS 23.3.0 EN.iso

  • Size

    68.6MB

  • Sample

    240224-t9jsjsgg37

Score
5/10

Targets

    • Target

      EN/VCDS-Release-23.3.0-Installer.exe

    • Size

      66.0MB

    Score
    5/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      15KB

    Score
    3/10
    • Target

      $PLUGINSDIR/StdUtils.dll

    • Size

      100KB

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    Score
    3/10
    • Target

      $PLUGINSDIR/liteFirewall.dll

    • Size

      81KB

    Score
    3/10
    • Target

      $TEMP/Installation-Instructions.pdf

    • Size

      844KB

    Score
    1/10
    • Target

      CSVConv-64.exe

    • Size

      296KB

    Score
    1/10
    • Target

      CSVConv.exe

    • Size

      227KB

    Score
    1/10
    • Target

      LCode-Classic.exe

    • Size

      826KB

    Score
    1/10
    • Target

      LCode.exe

    • Size

      4.5MB

    Score
    1/10
    • Target

      Labels/06J-906-026-CAW.clb

    • Size

      36KB

    Score
    1/10
    • Target

      License.rtf

    • Size

      37KB

    Score
    4/10
    • Target

      RT-USB.dll

    • Size

      217KB

    Score
    1/10
    • Target

      RT-USB.sys

    • Size

      78KB

    Score
    1/10
    • Target

      RT-USB64.sys

    • Size

      94KB

    Score
    1/10
    • Target

      RTUS64.dll

    • Size

      254KB

    Score
    1/10

Tasks

static1

pdf link
Score
4/10

behavioral1

link pdf
Score
4/10

behavioral2

link pdf
Score
5/10

behavioral3

Score
3/10

behavioral4

Score
3/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
3/10

behavioral8

Score
3/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
4/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10