General
Target
Plex-1.88.1.96-c1c59fc1-x86_64.exe
Size
177.5MB
Sample
240311-wav3msbg69
MD5
8d9e10e53dd1f3debca287124be7c262
SHA1
840b298d54219611efd41177389526c115c909c9
SHA256
0f697e9cca3455c8e54b7b049b4e9632115634615f38e43ddbeb781d978354db
SHA512
6e69d4d105236d711b7a6d03c80b68b3bcad7aa2082ef85c30b9e5beb9917d8eeb94841a12cf1178637ce6d00a1fe8f46d34fc21f283a1ccabcd280f1206dda2
SSDEEP
3145728:7UVuPbCpw3jGP1ppoA4VgL5yHv4v/KXqD/z4GEsskH3zL7B+Si9Ara5:gAPFjm1sJW4Hvy/US89yU
Static task
static1
Behavioral task
behavioral1
Sample
Plex-1.88.1.96-c1c59fc1-x86_64.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
Plex-1.88.1.96-c1c59fc1-x86_64.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
web-client/translations/fr-CA.json
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
web-client/translations/fr-CA.json
Resource
win10v2004-20240226-en
Behavioral task
behavioral5
Sample
web-client/translations/fr.json
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
web-client/translations/fr.json
Resource
win10v2004-20240226-en
Behavioral task
behavioral7
Sample
web-client/translations/he.json
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
web-client/translations/he.json
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
web-client/translations/hr.json
Resource
win7-20231129-en
Behavioral task
behavioral10
Sample
web-client/translations/hr.json
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
web-client/translations/hu.json
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
web-client/translations/hu.json
Resource
win10v2004-20240226-en
Behavioral task
behavioral13
Sample
web-client/translations/is.json
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
web-client/translations/is.json
Resource
win10v2004-20240226-en
Behavioral task
behavioral15
Sample
web-client/translations/it.json
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
web-client/translations/it.json
Resource
win10v2004-20240226-en
Behavioral task
behavioral17
Sample
web-client/translations/ja.json
Resource
win7-20240221-en
Behavioral task
behavioral18
Sample
web-client/translations/ja.json
Resource
win10v2004-20240226-en
Behavioral task
behavioral19
Sample
web-client/translations/ko.json
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
web-client/translations/ko.json
Resource
win10v2004-20240226-en
Behavioral task
behavioral21
Sample
web-client/translations/lt.json
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
web-client/translations/lt.json
Resource
win10v2004-20240226-en
Behavioral task
behavioral23
Sample
web-client/translations/my.json
Resource
win7-20231129-en
Behavioral task
behavioral24
Sample
web-client/translations/my.json
Resource
win10v2004-20240226-en
Behavioral task
behavioral25
Sample
web-client/translations/nl.json
Resource
win7-20240221-en
Behavioral task
behavioral26
Sample
web-client/translations/nl.json
Resource
win10v2004-20240226-en
Behavioral task
behavioral27
Sample
web-client/translations/no.json
Resource
win7-20240215-en
Behavioral task
behavioral28
Sample
web-client/translations/no.json
Resource
win10v2004-20240226-en
Behavioral task
behavioral29
Sample
web-client/translations/pl.json
Resource
win7-20240221-en
Behavioral task
behavioral30
Sample
web-client/translations/pl.json
Resource
win10v2004-20240226-en
Behavioral task
behavioral31
Sample
web-client/translations/pt-BR.json
Resource
win7-20240221-en
Behavioral task
behavioral32
Sample
web-client/translations/pt-BR.json
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
Plex-1.88.1.96-c1c59fc1-x86_64.exe
Score 5/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Target
web-client/translations/fr-CA.json
Size
243KB
MD5
c10cca4a8d329051baec753502ad3be2
SHA1
af6328c7628d6772ec9fd09f8b2ab3b81bdf7da9
SHA256
f85b7b26d7b3a1c88906ebda7c36f584c562bf048608fb32e597467ea21c75f9
SHA512
c4e81a4ddb9ca1940826436c4ad2a7e7d536277ad264bc15b0403fe78216842d9893506429e48196f3d88ff4c8e10b015f6ca41abbfecfcc476bd9cf4b9d1c1e
SSDEEP
3072:dlgqCCLebiG1pHGD85hfcBozvxARhwwztAJCRjdE9goppkH0vDCVgO3OeyKxY0Hi:w+852x66YWUcfoXi31opKaAYmbNd7Q
Score 3/10

Target
web-client/translations/fr.json
Size
240KB
MD5
635ac93533ef3574fbfb8d4f91435e4a
SHA1
e346d36769f40217991bfae8095311fb7a2deb0a
SHA256
0caa5d00f88c1e2e189406a8621ebdcddc55031c58cc93a66ddcd92cdc989122
SHA512
45e16c6a4807c4a86136aef88c4ed2a9054fabd727a80280dcab927e2a93d45d4db2b94f372c4dcaddb583ace100a808be5e71477827b1546011571def239eef
SSDEEP
3072:iUoEIaUzyKHdFZv75aBc/qzvXA2wyWGdfJ0ulOdk2g4ptmERz2VoFQilXKOrvH6j:+d753v+Cso1pLlACHDopKJAvQg2y7N
Score 3/10

Target
web-client/translations/he.json
Size
242KB
MD5
ec38722a0b42e53fb82115a5f37cfa64
SHA1
f56956227ff9ab316d538f88172d4ff0cd71536c
SHA256
3cb9978ac7f40b8973585bf0aa3cc18afba0f578118e21bfb9082a651add30ab
SHA512
02af1f52a9ad54d95768e966d4d8481b4eacc4a8110fbb107a8ca5c817e92d1ebb5f73c941aa7cf3d547ddd3b2ecd7fe0d331885e3f026e0c15b03e90ed60d99
SSDEEP
6144:LRqYjbvxi1BswKOkCp5sgBCxPhxxYrSwv5rMmZUBk7Olrwf:LRqYjbvxi1BswKOkCpygBCxPhP0Swv5j
Score 3/10

Target
web-client/translations/hr.json
Size
111KB
MD5
6cc56280fc8a1b952bc1940ce522c80c
SHA1
bae76ed798d0df6162bfc9e4332e3e5c0350ce89
SHA256
a4d0a59b342c96c098c0360585ae533048a03d4d96986175e8872f634c12b244
SHA512
dc8517064391b80350111161e9927752379903518a8657c9cd8f11bf57d3a4a3f2cd28d178bddf6c93c07bc60971ba6a0d64f2f9ac5622508d769e8e1aad2dbf
SSDEEP
3072:nTLRK032Vj7Onfe15Gn+OOV/Brf/DWsBVhZtKx135J6FMNhlw3+lBvYa:Hk6e15G0NftAZw3+73
Score 3/10

Target
web-client/translations/hu.json
Size
238KB
MD5
66a3d1ac29ca8124e008986eeab30a74
SHA1
11eee80e60d41a1d35755eda7d42f8f1b4a927f9
SHA256
e432e5f6d764d80e3775f45c0a8b1b79b6ab59ba5709ee8af15ce12eefd2b8e1
SHA512
8b219d4732339ce8f2e5c190ffc663b040e7efc4b7906ac4016114b880c3ac2a3eaeba2ff4d5ed62ed38d9e9a64c96d52a93fdf210f279005b36370d4f057285
SSDEEP
3072:DpSjMhhaTWuTygBeF9X8ThJ3D17PceGK5H/5ewSFyDEXOxFPOCSzgpl/Wfr8jIn2:cMhUZBg2I51HPZhZaT0xuUKUG2If
Score 3/10

Target
web-client/translations/is.json
Size
45KB
MD5
018131f654bc456870314351c63ac1f5
SHA1
303a8e90a82b310fd456aa49b24aa00e48c168d1
SHA256
bb71c4b1fc04eb15c599cc50d7124c13f78a1bef45ef72d68fff3982ed87e355
SHA512
b6a2bd2c2f9583078c1a5aca8497d78b6d69dcc42551dda95896ff731607af641fefa91bc48f24c997b1451e0bd31b820fef9c0cb0c953451b73ed6113207446
SSDEEP
768:hfeZmxrxJuav6L8szc3KECFatTmDsIQQCLW5slOwizkEZ6h:hxxJuaKJMIatTmDsIQQCL8WOw9EZq
Score 3/10

Target
web-client/translations/it.json
Size
225KB
MD5
10e43d161d3c530ec39aac980fd6cffd
SHA1
18f93b8e7a4a36aa5e34ffe84e2e5d2f26a0a385
SHA256
272b294c704e340e1d19571120979c7782132ecab067d3e163a3d93e6fa7a685
SHA512
cc832fe518817877e79fe6031f759e2550a59000b14e3e48c242a6b6e0fe56399adf9199d01b1ad0d92ff73846012121ead281c11e19f8924e80b3472dab59e4
SSDEEP
6144:vr1PPFcu0I8I7StEC15sFyWk9ExyICMUC+hgwnRHmwJjZADxt3LG+a/2nMeh/THF:phkRVolX
Score 3/10

Target
web-client/translations/ja.json
Size
265KB
MD5
45ac73de77ed72d77c3aa72971fd5ab8
SHA1
87796c847bde498f2ead76be33bfe58ae9b27c33
SHA256
3f794ff939bb1f8c772f9115922130bfbb657cf22dc1fb7f5f69edc6f04a5643
SHA512
e1d0384f5f35f4d995c2dc8e5390fc8e657349c97ba0d7f5b796e1216a35e58c037f9cd116a83c81ccbd7e52cfa25803b90d2270f88bdfd0427009ce383c56f3
SSDEEP
3072:YqawR0v4IsSAJj6P5nCIL0ddEUkl7xeAYb4Kw4o5xKphWl7/iuHDnUPjLqpNpldR:LAuuiEic
Score 3/10

Target
web-client/translations/ko.json
Size
188KB
MD5
cce543c80b9cb8d6ad769d8448857e1d
SHA1
d944c5ea39183241d938bd50a7b9b073fb7d3e0b
SHA256
a82ea5f8820b0226fbf22c2a7e54d341013e38bd35442d2c38cab679f5fa83c0
SHA512
f9096415c7fe4893a7fae79b26efdd3819b5135e0a4d0e127368017b6e64a070d56792ac570030e067e111739b8f9a4f071634d4cdb076f539a10b0c19e5c966
SSDEEP
3072:kz/pBqmWnu9uUrDDUJck36qU9gIxJilfb9R8FtABKtI8WAollsQU4Wwfwr5GSrlu:+C7agCYSFHulW4bt
Score 3/10

Target
web-client/translations/lt.json
Size
109KB
MD5
26f6fe0f7a077a0a32ccea96c2b820cc
SHA1
5388c7826c9ef4526e50aee33a470b572a35728d
SHA256
20913922b3befd5ba5244fbec3eddce654558a7e11cdeeee931dc7b8c0c04129
SHA512
3a67578b39254d088e559527dd6721b5e6af0453da6d04c678e14de8c59330e1ba9dd9a77f9722b5a3d44a14ab8b32fa7080729cb2424e1640a274b9e6b77af1
SSDEEP
3072:QQJqrvrxw3XH5i7R+jZC/PYDBQIdqLdLVICs:P1aAI9s
Score 3/10

Target
web-client/translations/my.json
Size
134KB
MD5
3a2f807a6f660cc02db520afde62814e
SHA1
977f7ace81a96890dc863c233ab14ffdce6e26ba
SHA256
ac0a99152e138f6732411fc48c46774053dcc35f3a8a2fcfc0da2ae531762c6c
SHA512
398c0d04920f09a9fc8cf4972e47d98743df648e5eae31f4fc53fccd1fddcc39464b9d2fa0c2ef62a15127b17c5f78728e8889bebac1469950b8bb985deeb20e
SSDEEP
3072:v18CoLjxCXmoCqVLCVSOwbBZcxg9VtRHx:v18CTp3OwFZcyFx
Score 3/10

Target
web-client/translations/nl.json
Size
156KB
MD5
b2da2b14a8ecb765d750c9541d9cc2f6
SHA1
bb053166fa62ca22ab6243b1a091e62b0eba05c7
SHA256
0418742fe9d4c51e52417b215ad6cafa1b9859c2f706bc388c52668c6e84d79e
SHA512
1fa4c40b468f869ac1ca3a3caed277c9825fd7fd29d893c454eb25317a82890c96fccdf73edbe93b6b19a438bb5bec462b7baa295896fead02ccaf7d76e1795b
SSDEEP
3072:wCBo1IRjrvvgVWKR0q6nT6k8gyh0613DAbaOEsasnlU7WLAONDK1d5dKgCGXfRm2:o1IRjDvgIEd1VCGX5sHbq
Score 3/10

Target
web-client/translations/no.json
Size
224KB
MD5
50077b0e1bfa4f89ba8685f13df7d3a2
SHA1
1d878d929c4ce51fdaa5f67cda26570e4c0a313a
SHA256
c942e68b5711f88e67d5c58297d5fc5a5beb46d194058af92475d1316fae98bd
SHA512
156a7780588558e10b736f0f6d8a1b9fc8939a09fd1fe77771b5dd12fd810fc44797b2145bb07bb65252ed4e36507ecf4bd400c719914cb7343f2e3c1a8abf09
SSDEEP
3072:YyWQzpmXq5fVB9audJSVCUpOcDyTpEbtO535GQaHGf3uN7h8I9PkX7yVruVx7xKB:hcDcaHOGEVpigCSnUFD8OH6q
Score 3/10

Target
web-client/translations/pl.json
Size
229KB
MD5
9ea17fa0857e212627af762da17fa65d
SHA1
3790166e767b6386a7d81c13c24830fa31afc3a8
SHA256
3955bfa051a8aa8e7a4576e2d76839dd867e73076ad5326806bd4b668b2aaa02
SHA512
922e6f350de0db3ccc00c6f72d65145071dd4b6954d832c7d0890029c07d8fbf28be57d846e7457e43342e298316cf28b1c9d480bdc19dc71a26d4f54b708c43
SSDEEP
3072:p3inCqVoZoPVqD0g4bf9S33k5sJklGouUFUnZe4rhcy/NvY0zjha2HYs5DKBTjsh:KXZS331TjYIp4sqTi6YnLgXhyce
Score 3/10

Target
web-client/translations/pt-BR.json
Size
232KB
MD5
22bd2d79ad2ccfbaf3d9de20572d847a
SHA1
aabe4984f62c404e89d5880b4da619a35c160d40
SHA256
3358b77fe149fda92a403b2aa60eb61cf461c8255bffb989d9b059668f76a273
SHA512
cdd0b8f136aa97bd6fbb6f66a7174ee59b1669b74e621bb1bdf34d472c262e92e2f3e7b2ab4e0c7fdd09cf4055d1198340791714ff7d52ea95b1b68083e30ac3
SSDEEP
3072:Z+wAE/jofDYUlsnle3W/NAVzb9AKl7ljU9udgOHxQTIjVi9UfJ125ULJTy/9fq5i:oFg1Xn8gVXt
Score 3/10