Overview

overview

7

Static

static

3

Crack/VideoGet.exe

windows7-x64

3

Crack/VideoGet.exe

windows10-2004-x64

1

Crack/新�...��.url

windows7-x64

1

Crack/新�...��.url

windows10-2004-x64

1

VideoGetIn...al.exe

windows7-x64

7

VideoGetIn...al.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

Help/VideoGet.chm

windows7-x64

1

Help/VideoGet.chm

windows10-2004-x64

1

Help/uninstall.exe

windows7-x64

7

Help/uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

VideoGet.exe

windows7-x64

6

VideoGet.exe

windows10-2004-x64

1

ffmpeg.exe

windows7-x64

1

ffmpeg.exe

windows10-2004-x64

1

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    12/03/2024, 06:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    VideoGetInstaller_trial.exe

  • Size

    3.5MB

  • MD5

    e25e5afec33c8583c8216ccffead38fd

  • SHA1

    56486110e3d0f3ca9e3139c5e4389e1bce255556

  • SHA256

    be08b756f07058e58ed20b1686bc6498db91983c3b7ff42136eef0bf2267e858

  • SHA512

    182425348809b32da8e0b244cf164c029cac18ae7d128fd7a2cc8d9e36b342373be2bde6a94a4fe9f022fc680211e706841f9364b86c9e79c78800fbcd3fdac6

  • SSDEEP

    49152:YhC3stkg5ANWhRZvnKxR75a1MqMFEDRojzdbp4bXiUi2NZ/UhpJM0z6bphvxkGIQ:xstF/KT5POFolLDMMevxkGIp4/tMU

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\VideoGetInstaller_trial.exe
    "C:\Users\Admin\AppData\Local\Temp\VideoGetInstaller_trial.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:1932

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsj6F96.tmp\ioSpecial.ini
    Filesize

    606B

    MD5

    2685051650902bca7d5089523dca301c

    SHA1

    8a3e3e7dc64b6d12ead51e431380ba25358c51db

    SHA256

    7e77b66732af713e46c352cf95692d5ccd2f35d5948dcc2fd2d5e9d5138923f9

    SHA512

    68e7dc706bb5669eba64f70f87da7ad62c1b5689e57b310e48d656e9a54e5ba0cf8c062c82150668f3820c9b1a8d14cc7cc6e00898c4dc4512a8063a7967b20c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsj6F96.tmp\InstallOptions.dll
    Filesize

    12KB

    MD5

    444e1109d960c307df0ca2b33a24731b

    SHA1

    55e3b57d06128911ed4af44858d199d9b1945edc

    SHA256

    b3ba181120cd5b57e2cd5435bbd64c3257f7525ade359f89554e93f466692125

    SHA512

    9efdb45ee0eae73c24d3f01ff799160090f2b1f0f28ee8da3af52992fec220bf905070ce5a6cc1b5657642440ad29c22bc6889cd3ee1f674a908a935dcf4c2a8

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsj6F96.tmp\LangDLL.dll
    Filesize

    5KB

    MD5

    16cd5a02b2478d68b887724be8e08c68

    SHA1

    aaefd783c0c4dc98b9d34de36c1e0bf83b6ab312

    SHA256

    dfd8fd2e7edcdcc97558d11d6ef1fcb676610a9211c9570c118cd40905e5b165

    SHA512

    b52ba5f9a8e22fe49b973bbf3709147948e1318b833dee8e67a7950796c39685dc21925c0e0da0f45d8b74f904f52ec877615522a052677a0c7537ea8a8bae23

    Download Submit