General

  • Target

    7b774eecbb5682141590d16a1464ee224dab94298e0c80b42ae27e317df754b4

  • Size

    5.7MB

  • Sample

    240310-y5p6zsbf3w

  • MD5

    966e29fc02c2c86e47459456080a57ef

  • SHA1

    8a16864697bc71777e1ae23063a2b8dc53540383

  • SHA256

    7b774eecbb5682141590d16a1464ee224dab94298e0c80b42ae27e317df754b4

  • SHA512

    d268410ccc98bd9392cfb75bb53cee6bf222a32e666b39eebda2480cd137f09e3c114ff153868355b4a8b07569151387c4410df8ffb53ff271dd496c892fe8ad

  • SSDEEP

    98304:4lIMbqtt4IRPnywescJnybXK1ImZqFolv89UYNNGiaqT3hpMpdflEmJI2QdDfR:OktzapdybCiolv89U+tlp6dfJJI2QhfR

Score
7/10
upx

Targets

    • Target

      7b774eecbb5682141590d16a1464ee224dab94298e0c80b42ae27e317df754b4

    • Size

      5.7MB

    • MD5

      966e29fc02c2c86e47459456080a57ef

    • SHA1

      8a16864697bc71777e1ae23063a2b8dc53540383

    • SHA256

      7b774eecbb5682141590d16a1464ee224dab94298e0c80b42ae27e317df754b4

    • SHA512

      d268410ccc98bd9392cfb75bb53cee6bf222a32e666b39eebda2480cd137f09e3c114ff153868355b4a8b07569151387c4410df8ffb53ff271dd496c892fe8ad

    • SSDEEP

      98304:4lIMbqtt4IRPnywescJnybXK1ImZqFolv89UYNNGiaqT3hpMpdflEmJI2QdDfR:OktzapdybCiolv89U+tlp6dfJJI2QhfR

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $PLUGINSDIR/InetC.dll

    • Size

      20KB

    • MD5

      e541458cfe66ef95ffbea40eaaa07289

    • SHA1

      caec1233f841ee72004231a3027b13cdeb13274c

    • SHA256

      3bce87b66d9272c82421920c34b0216e12c57a437d1955c36f23c74c1a01d420

    • SHA512

      0bf6313e4cb7bbdcfba828fb791540b630adc58c43aa4b5ba77790367d0f34f76077cd84cc62e2a2c98c788a88547f32a11e549873d172c5aa2753124847cd0c

    • SSDEEP

      384:b1JO6XgZkjxm+NpXaWgzxUX//EUhU7ya4LQ0Ac9khYLMkIX0+GBty3Sm0:b+6Xgsm+NpKWgzxUXnEUhUua4Li70

    Score
    3/10
    • Target

      $PLUGINSDIR/LangDLL.dll

    • Size

      5KB

    • MD5

      ed619e32ccf44d3a2b7be5a81e4ccbee

    • SHA1

      b89775e6c7e49004e3199a0e96a28c473ecd6c69

    • SHA256

      ef0d7e2eba9e197c37e68b4fd1d79e8ac0bbd855846ebe506f858c73a1b296c0

    • SHA512

      853f8b1313d1911abe0eb77b28cd9f73a82e06a693009d581effa8691411e751a2187f176f23b17d4bdbf45b81a29f5fb71cbe40b410e14080d1d7b86ec13aca

    • SSDEEP

      96:2kh11GED5ZTvycNSmwVsTJuftpZR07d2:v1V5tvxNSmwVEIvY4

    Score
    3/10
    • Target

      $PLUGINSDIR/Md5Dll.dll

    • Size

      6KB

    • MD5

      0745ff646f5af1f1cdd784c06f40fce9

    • SHA1

      bf7eba06020d7154ce4e35f696bec6e6c966287f

    • SHA256

      fbed2f1160469f42ce97c33ad558201b2b43e3020257f9b2259e3ce295317a70

    • SHA512

      8d31627c719e788b5d0f5f34d4cb175989eaa35aa3335c98f2ba7902c8ae01b23de3ccb9c6eb95945f0b08ef74d456f9f22ca7539df303e1df3f6a7e67b358da

    • SSDEEP

      96:GL2PcvGn5olZMTZxEp8agTsflVwn4GogZcko5N1ub:U2Pxn5UZMTZipyaw4ZkKP2

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $PLUGINSDIR/NsProcess.dll

    • Size

      4KB

    • MD5

      faa7f034b38e729a983965c04cc70fc1

    • SHA1

      df8bda55b498976ea47d25d8a77539b049dab55e

    • SHA256

      579a034ff5ab9b732a318b1636c2902840f604e8e664f5b93c07a99253b3c9cf

    • SHA512

      7868f9b437fcf829ad993ff57995f58836ad578458994361c72ae1bf1dfb74022f9f9e948b48afd3361ed3426c4f85b4bb0d595e38ee278fee5c4425c4491dbf

    • SSDEEP

      48:iYXzAm8HGJLvwM8GJFd6I7W4JtT2bxNNAa4GsNf+CJ8aYqmtlKdgAtgma1QvtCSJ:lz2mJkpGR6GY74GQ1YqmstgGCtR

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      00a0194c20ee912257df53bfe258ee4a

    • SHA1

      d7b4e319bc5119024690dc8230b9cc919b1b86b2

    • SHA256

      dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3

    • SHA512

      3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10
    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      ab73c0c2a23f913eabdc4cb24b75cbad

    • SHA1

      6569d2863d54c88dcf57c843fc310f6d9571a41e

    • SHA256

      3d0060c5c9400a487dbefe4ac132dd96b07d3a4ba3badab46a7410a667c93457

    • SHA512

      99d287b5152944f64edc7ce8f3ebcd294699e54a5b42ac7a88e27dff8a68278a5429f4d299802ee7ddbe290f1e3b6a372a5f3bb4ecb1a3c32e384bca3ccdb2b8

    • SSDEEP

      96:EBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4MndY7ndS27gA:E6n+0SAfRE+/8ZYxldqn420

    Score
    3/10
    • Target

      IpTvPlayer.7zS2.dll

    • Size

      48KB

    • MD5

      c86b4e5f2d813511b295ed92d7efa042

    • SHA1

      e4d44f1c9e558ab70057c02910fb3ef56602128b

    • SHA256

      368c87b2fb2679966e9814227a989b39075a029cfdf33dc6007fadb57b19f85f

    • SHA512

      b23349041ee02f6f169c0a3b4fbf3d70f9c2b2b976ce3331203adf3182322b3b73f313651552c0bcc5904c411a3bb6021d7788bf76541e5dd4cfeb0e3019460c

    • SSDEEP

      768:1Bd/LsVcCQllz6hG4bQmw239lqAUk+CMTqKo91:vdwGl56hKmb9lqAUk+CUzoH

    Score
    3/10
    • Target

      IpTvPlayer.Rtmp.dll

    • Size

      174KB

    • MD5

      5a14c13d6683aed5106661accde21aa0

    • SHA1

      5741318fa8f2d25368ff86eaf172d76ae722a685

    • SHA256

      b55c475e764634a1e8361a806e173d5959c21109840e732cf01ede36cc77fa13

    • SHA512

      143d54c6775416715bfbbc2d7c262cadb32f05d85e9b3d055e577dc6b722c2ecf91969d7e73ebaa8bd12933a3197213ce45fcdd11409596d54c616cb3530f9e3

    • SSDEEP

      3072:jl6/fk9w5zg/6WCiRalQmIZhAV8xQTgvoTYqnEyKKwmh3QUvyjWSgVxbtGaUI11x:jIfk98iwhu6V6kgAk/Kbh3QPjhgVxb76

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      IpTvPlayer.exe

    • Size

      897KB

    • MD5

      ac81d247224c77906502868f67db0011

    • SHA1

      566b1f9410e8067c771634acaca3499b1e91241f

    • SHA256

      b7ceee6a1799def5d2cd681b1d67caeed6ac249ec33bb201d216a9d396d39ecd

    • SHA512

      afe6753fa42be6923ceb187f63ea1858ef7ac0b08c882085edf51cf35f2d72d8880548cd3662a2934f294af3712beadf527451523274bce202f5fd2d12f3dfcc

    • SSDEEP

      24576:0/x6rREda80p9e4v/3nY+Qx8+ZXOGbcRHF7Ym:056rqD0G44+yZ+Ggb7Ym

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Target

      License.rtf

    • Size

      8KB

    • MD5

      f0e4a85ba8dcf92c8e9f2cfca4d735b8

    • SHA1

      b5586fc10627ee0c138d1898d92a02c615caaada

    • SHA256

      6eaa6de8b39e864c429e6e52726fcb94cb0b887fc90fd703d3b6ea275356ac2c

    • SHA512

      bd2a3ffe9ab336cce1647f8095c1f566751baef765cd87636df07163f5a8cba4a1229752c3d5431d09da0176da634a22d606465ae55b8121a3b572fbb721943f

    • SSDEEP

      192:efpt7fo7qJUHEkyuYkroRJwsiGUifgCVCaTlhAX5l8ysCoJaCi7yStnDTA2fCt2:yg7Oge/nw8Hhhi7zCt2

    Score
    4/10
    • Target

      UdpProxy.exe

    • Size

      133KB

    • MD5

      599eba3889e36e602c340b8f37a5c943

    • SHA1

      61e6e2a15e68fc4cb90e68d561fe9bdcde54f398

    • SHA256

      99b632264ad0845ee78a2527037198878ecca61557c013d89cc9f4f101f400fd

    • SHA512

      53c838a2a5f1ee6c5746010bc242bdac11155891c143ea69bc12885cb1f252bb6cbedcc787e38e46cd5629733328715795bb07efc7203eaa02a4ca24d8e30391

    • SSDEEP

      3072:87yUdi/AZj8FaFxS9nYEpyGX1bxF7segB:8GMi/k8Fa69rp3lPo

    Score
    1/10
    • Target

      vlc-1.1.11/LibVlc.dll

    • Size

      99KB

    • MD5

      7ebdfc02b9e698acba658fa4204abce6

    • SHA1

      4ab97e4fbe5d1c0ebcf4db61973a61861509ece1

    • SHA256

      1f520961ca5a1003eaf2d1d4823dcb75c2cc4cf9305b5db77599137a01080653

    • SHA512

      17d29f54909481223827e48e5e4867592879b141ad8323167920cede8661a54868d2a876319fa3fce5f14db34e56a33f4a63fa6646817d50453587c55222d71b

    • SSDEEP

      3072:2/iC08D2XFOPdDJ0JJUYg6+x+VA8LlN6:26ccUYg6xVtLlN

    Score
    3/10
    • Target

      vlc-1.1.11/LibVlcCore.dll

    • Size

      2.2MB

    • MD5

      c90976c653fecc24f668f57da0a1cb61

    • SHA1

      ed50eeb0c4d2c6582358d65a4bdccc0e3f95e53c

    • SHA256

      8dbbd2dd4561268e286a7ae468dccd7a0c045122191847ff15cf633ff7d984da

    • SHA512

      0631e35b3a065330e9219ca471877e967c142d05fa3d4b80a466d192757bd6576ce9aac891d8cf8c1ec4bae135e49c6abb5099d44ca19194f24c3c60d11dd1a5

    • SSDEEP

      49152:zhEQ5ZuHhisrBplbwHKxqiKjD6z3xNpad4KRcBAUZLY59MpGaXYQKuHQ:zhEQ5ZuHosrBplbX06z3xNUcBAUZL5

    Score
    3/10
    • Target

      vlc-1.1.11/Plugins/liba52_plugin.dll

    • Size

      35KB

    • MD5

      2ab7345625baccaf99655d30759ba268

    • SHA1

      191b8afedea3d3d5f99bb40c1888ce702b5358d4

    • SHA256

      fb678b7f1e42d370f2bc5826487ca166d0cf36b2f1e883092339933ed7d8ab5f

    • SHA512

      ae98271aff778a7cff1932cfb54c654c25e70d106bbd3780f3495400a44375819a32cdf1d449fd9295494c550a3b34597fb30f1a94e65ae482bf65a17c00d268

    • SSDEEP

      768:Hxpb70NoNK+3ljxPMkKK8gv1BulOrO+Vox/6pMs:Rpb70NoRHPMfK8gClUO+Vo96pMs

    Score
    1/10
    • Target

      vlc-1.1.11/Plugins/liba52tofloat32_plugin.dll

    • Size

      64KB

    • MD5

      e0d81e1d14a9304a528320272848a550

    • SHA1

      9bb312fec98169ed5e727f721254eca36b9d08d0

    • SHA256

      1a719281d8d5828c85f4dce2c4761ae81db56128b8156f73c0e33958022fbd53

    • SHA512

      227276b342104a0ed4a0037d5740af89a197232026690e6faa3cf3d2d9019ec63659b37e4bd3978b8988779b8c192aff0170ebd86a8913d15d8fe85c53db1961

    • SSDEEP

      1536:0iZ8DS/nqz2I1+AsMaK6gulQR+VL9czog:07+fm24V6guuR+VL3

    Score
    1/10

Tasks

static1

upx
Score
7/10

behavioral1

upx
Score
7/10

behavioral2

upx
Score
7/10

behavioral3

Score
3/10

behavioral4

Score
3/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

upx
Score
7/10

behavioral8

upx
Score
7/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
3/10

behavioral12

Score
3/10

behavioral13

Score
3/10

behavioral14

Score
3/10

behavioral15

Score
3/10

behavioral16

Score
3/10

behavioral17

upx
Score
7/10

behavioral18

upx
Score
7/10

behavioral19

Score
7/10

behavioral20

Score
7/10

behavioral21

Score
4/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
3/10

behavioral27

Score
3/10

behavioral28

Score
3/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10