Overview

overview

10

Static

static

10

xhs-live2.29.4x64.exe

windows11-21h2-x64

4

$PLUGINSDI...ls.dll

windows11-21h2-x64

3

$PLUGINSDI...em.dll

windows11-21h2-x64

3

$PLUGINSDIR/UAC.dll

windows11-21h2-x64

3

$PLUGINSDI...ll.dll

windows11-21h2-x64

3

resources/app.js

windows11-21h2-x64

1

resources/elevate.exe

windows11-21h2-x64

1

resources/...er.dll

windows11-21h2-x64

1

resources/...xt.dll

windows11-21h2-x64

1

resources/...dk.dll

windows11-21h2-x64

1

resources/...v1.dll

windows11-21h2-x64

1

resources/...w3.dll

windows11-21h2-x64

1

resources/...ac.dll

windows11-21h2-x64

1

resources/...eg.dll

windows11-21h2-x64

1

resources/...ch.dll

windows11-21h2-x64

1

resources/...gc.dll

windows11-21h2-x64

1

resources/...on.dll

windows11-21h2-x64

1

resources/...on.dll

windows11-21h2-x64

1

resources/...on.dll

windows11-21h2-x64

1

resources/...on.dll

windows11-21h2-x64

1

resources/...on.dll

windows11-21h2-x64

1

resources/...1d.dll

windows11-21h2-x64

1

resources/...on.dll

windows11-21h2-x64

1

resources/...on.dll

windows11-21h2-x64

1

resources/...on.dll

windows11-21h2-x64

1

resources/...-x.dll

windows11-21h2-x64

1

resources/...on.dll

windows11-21h2-x64

1

$PLUGINSDI...gs.dll

windows11-21h2-x64

3

$PLUGINSDI...ec.dll

windows11-21h2-x64

3

$PLUGINSDI...ss.dll

windows11-21h2-x64

3

$PLUGINSDI...7z.dll

windows11-21h2-x64

3

Uninstall ...��.exe

windows11-21h2-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    xhs-live2.29.4x64.exe

  • Size

    307.7MB

  • Sample

    240320-n1r5nsfh57

  • MD5

    e2deead78dbbe16e2a9bb89aa6cf66d1

  • SHA1

    32d16a325b2c7de8050dade9ed55316007993773

  • SHA256

    b87fc34a41097a56a573aa668f8c9c2d3e83680446d10df69c84299237d5016c

  • SHA512

    c38f6e03a800ed150ebfae54ef0434375080adc194e6274c1dc567c46d92e3f951ebd3f6782182e16c46f138f9f743a3420863f354c3012953e780732837202d

  • SSDEEP

    6291456:hEgWZeq030HjCdgPPHycfm0GC0oCA0GC0ooA0GC0ogf6f0GC0ojOh1yGZfa:hEgWZeq030HjCdSPHy5C0oCkC0ookC0F

Score
10/10
irata

Malware Config

Targets

    • Target

      xhs-live2.29.4x64.exe

    • Size

      307.7MB

    • MD5

      e2deead78dbbe16e2a9bb89aa6cf66d1

    • SHA1

      32d16a325b2c7de8050dade9ed55316007993773

    • SHA256

      b87fc34a41097a56a573aa668f8c9c2d3e83680446d10df69c84299237d5016c

    • SHA512

      c38f6e03a800ed150ebfae54ef0434375080adc194e6274c1dc567c46d92e3f951ebd3f6782182e16c46f138f9f743a3420863f354c3012953e780732837202d

    • SSDEEP

      6291456:hEgWZeq030HjCdgPPHycfm0GC0oCA0GC0ooA0GC0ogf6f0GC0ojOh1yGZfa:hEgWZeq030HjCdSPHy5C0oCkC0ookC0F

    Score
    4/10
    behavioral1

    • Target

      $PLUGINSDIR/StdUtils.dll

    • Size

      100KB

    • MD5

      c6a6e03f77c313b267498515488c5740

    • SHA1

      3d49fc2784b9450962ed6b82b46e9c3c957d7c15

    • SHA256

      b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

    • SHA512

      9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

    • SSDEEP

      3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v

    Score
    3/10
    behavioral2

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      0d7ad4f45dc6f5aa87f606d0331c6901

    • SHA1

      48df0911f0484cbe2a8cdd5362140b63c41ee457

    • SHA256

      3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

    • SHA512

      c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

    • SSDEEP

      192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6

    Score
    3/10
    behavioral3

    • Target

      $PLUGINSDIR/UAC.dll

    • Size

      14KB

    • MD5

      adb29e6b186daa765dc750128649b63d

    • SHA1

      160cbdc4cb0ac2c142d361df138c537aa7e708c9

    • SHA256

      2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08

    • SHA512

      b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada

    • SSDEEP

      192:DiF6v2imI36Op/tGZGfWxdyWHD0I53vLl7WVl8e04IpDlPjs:DGVY6ClGoWxXH75T1WVl83lLs

    Score
    3/10
    behavioral4

    • Target

      $PLUGINSDIR/WinShell.dll

    • Size

      3KB

    • MD5

      1cc7c37b7e0c8cd8bf04b6cc283e1e56

    • SHA1

      0b9519763be6625bd5abce175dcc59c96d100d4c

    • SHA256

      9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

    • SHA512

      7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

    Score
    3/10
    behavioral5

    • Target

      resources/app.asar

    • Size

      8.9MB

    • MD5

      ad8d916a2ea19db44c76db72d0b7ba8d

    • SHA1

      d0e0f4eabbc51b1232a691bfcda95ed7f0725a38

    • SHA256

      8c389c5eba5461d24a756147f11e6cb3d4cc05dab07b24e8ecf59b20223ea79e

    • SHA512

      7c841c2dbc37199c3aa3f17396d3dc92dfaffea3232a8807b7cab1efeed2c669d313376071ecce8e7dac3c45463e024fa2478275306ce09c255e081c47e5d182

    • SSDEEP

      49152:fsuTRe3WWcuq3DYmF6qOZdlwk/Kz8HIzSu/vO64T+5pQPYdONCyZV6e9xEiaTE1T:K+ahILQPYOZYiU/BUFZxV+El

    Score
    1/10
    behavioral6

    • Target

      resources/elevate.exe

    • Size

      105KB

    • MD5

      792b92c8ad13c46f27c7ced0810694df

    • SHA1

      d8d449b92de20a57df722df46435ba4553ecc802

    • SHA256

      9b1fbf0c11c520ae714af8aa9af12cfd48503eedecd7398d8992ee94d1b4dc37

    • SHA512

      6c247254dc18ed81213a978cce2e321d6692848c64307097d2c43432a42f4f4f6d3cf22fb92610dfa8b7b16a5f1d94e9017cf64f88f2d08e79c0fe71a9121e40

    • SSDEEP

      3072:1bLnrwQoRDtdMMgSXiFJWcIgUVCfRjV/GrWl:1PrwRhte1XsE1l

    Score
    1/10
    behavioral7

    • Target

      resources/extensions/agora-electron-sdk/AgoraRtcWrapper.dll

    • Size

      3.6MB

    • MD5

      7c071fcb329d09729580eac32594a3d2

    • SHA1

      055974d47b46d092d6a499a5398c6a323d2463d7

    • SHA256

      ebb1bc9c7fd09acf1294d7cd74d4f1959a733b76a3a7a91288dd70ab16ca61ee

    • SHA512

      103aea87ee24673fcace709c1b2f464060b36336c163096213c6b59bfc2016409ccf2c89e2435fc25c6aa92a7f15f2d52b3b28499f3a72e6af59172518482595

    • SSDEEP

      49152:kGumHdPQAelACMZYPrVv9KmYuDMrwyRX1nh0iuGc:RPQAelACMZYPrVv9KWMRXnhY

    Score
    1/10
    behavioral8

    • Target

      resources/extensions/agora-electron-sdk/agora_node_ext.node

    • Size

      941KB

    • MD5

      8e3d6f6c73b4da859cae3cebaf2d8a15

    • SHA1

      18b6ccb953cb1cadd496d9dce975ebf81bb553ca

    • SHA256

      01d2b9dccdb5d36dfa7bd304fd8bb24438c506c8f1048d372b76a0ca4045689a

    • SHA512

      9cb4a32b3dc41c9d0ed01d614a78faecc4a310647b7aaa1bd13166fb073658cb980c5748f2e06fa5d811db6c18dd22f41262fe78bc0d09b5a565634b84551f0f

    • SSDEEP

      12288:ekjMfBIvKgNsX0sjLcMH0zcYLTA72aGlRrVR6TSagKxAQcpZJvn6O6dmcowc2Ubt:eMMfB6NNn8TSmxF2Jvnwmc2b

    Score
    1/10
    behavioral9

    • Target

      resources/extensions/agora-electron-sdk/agora_rtc_sdk.dll

    • Size

      28.1MB

    • MD5

      9f9be693bf2a27ba5f0f5502bfabceb0

    • SHA1

      99cc5bfe52a57d8ee5ebb3af1e2e8d41b934446c

    • SHA256

      aa5e971ffe10758aee51b5b8b9066bc513e55aeb3c6a3502aafda2efbdfe7d52

    • SHA512

      3b6b2f92ac5907db2dfddd9b1bccd7a1b7fe3dc361fbe538b396cef6fe1b64c52d2c62230620a60e39faa4cfa8de09ca1558ca2ddee372faa70951f48e92e4b8

    • SSDEEP

      196608:lbIhOMyGuZWwkm2j0crW6U2ystIH4w1LAO0raR4Y9124A5MkMiyVc:NIhOBtdz8BrjyFHZ1LX0rE9M4A+khye

    Score
    1/10
    behavioral10

    • Target

      resources/extensions/agora-electron-sdk/av1.dll

    • Size

      1.8MB

    • MD5

      8244d174668cfe8488b0c58444767f25

    • SHA1

      9dfd91920ce734fd61ce1bc0fec51e490d7641da

    • SHA256

      3c9111f7527c55d5f016efb3d430899ec4a58713bd41414a3dae2ad9ac49e241

    • SHA512

      fc2a29f9b64c1575fdf93df51eabe087d6109480ed48b79eb3206e99309fd861cb45cd6f99a2915cec1deb524b48b02a32cbf290000fedcdbaf5a2e5d488fce9

    • SSDEEP

      24576:u6GN/aA8Y50zM+wj2sy/mDkWs74WqXm+5uMNhNzt6rPSTnauftQj62:u758Rztwje/mDkh8WCmOuMNhL1aul+

    Score
    1/10
    behavioral11

    • Target

      resources/extensions/agora-electron-sdk/glfw3.dll

    • Size

      355KB

    • MD5

      b5f006f1afcf61f02b85b3b1552833e4

    • SHA1

      8ae70454827391287f04f282ae3db9be890ac173

    • SHA256

      b767bcf98f89d0960b2592a61bd6841d37a6f22af65be4f7cb0e9c34ccb23309

    • SHA512

      3fbd28ce00bcd1d612a8434b2965e58459059e3e8c32afd25d12c1484c9a55e3582e95f4647bbabb02158703b898e57670d4d840193a952a935c85af574de7f9

    • SSDEEP

      3072:jQMmQO1FaAFdjDsXuIdiVdlbmS02ypLTqJx5J49QUt534gRRojORGPDlzAEGSUZ1:jQMmPDLzGi7h2x5MuQM2gOAJT0T/39

    Score
    1/10
    behavioral12

    • Target

      resources/extensions/agora-electron-sdk/libagora-fdkaac.dll

    • Size

      777KB

    • MD5

      719b65e78d5edfb2aa78b21b578f9624

    • SHA1

      2f1ad04176877e6a2e970d5a615f889dd6df0e0f

    • SHA256

      2aa4004fd31d35d9020e71d26f76ca94aac1419aa6b891fd8bc5ff7076d28f6f

    • SHA512

      501858ea903f7a27c9d6e8ef27ab0e7f007fd1721829e74e813f0916089310c755a3c4a55fec9126ce43a735ced399c58baeaaa3cd9dda6bbae2735d86354573

    • SSDEEP

      24576:IksHBSOOSzQ99rqg3jX4ueeoSbLFTP6KK+gB:IksPzQ99rRXKTSbFy

    Score
    1/10
    behavioral13

    • Target

      resources/extensions/agora-electron-sdk/libagora-ffmpeg.dll

    • Size

      7.4MB

    • MD5

      4dcdf5468a22e22f10d98008173894d5

    • SHA1

      c93b2515d1adb00c5de4e3cf108671b7b0e3b64e

    • SHA256

      eec64bd01df24b3480196d0df3ce0532266f0c3ea4ad3c0b138f44da291098e8

    • SHA512

      01f9d770755c09a48a67281635c412c172550ceaa7396c17a489805ecadb2e495bba2f8c7129f3ff09a5a3f83b17fa380fd5db104e3524f81a31b40f55e26844

    • SSDEEP

      98304:y8L/GS3uckBjoXoNYxIQA09nrAvynihRtv2wv11mu0cJTKG:o0A09nrAvywDm9cJT

    Score
    1/10
    behavioral14

    • Target

      resources/extensions/agora-electron-sdk/libagora-soundtouch.dll

    • Size

      155KB

    • MD5

      9578c13066ca8f87e8ee0c833eca4af6

    • SHA1

      66153fe2d7d52612a2f7c1b159acbc3f056d6675

    • SHA256

      ee856fb24c439465ca73ea140250865690b355694021e5595780b517dc04e365

    • SHA512

      4b627e8126e92809d692cfd9c44fff5b340ddfb065a004664751e02f52b0c83927568c61b894786c73002907a2cb7a755fc5ba2c1bda0fb42b23c979c6de23a8

    • SSDEEP

      3072:4jP3qDG+hXTbWxHCH6SUucc+SJNXog/XOEoY4pzDotJgaB7htiVUW7:4jPEpWxiaOc1en/lohybi

    Score
    1/10
    behavioral15

    • Target

      resources/extensions/agora-electron-sdk/libagora-wgc.dll

    • Size

      2.0MB

    • MD5

      81658426342cdb85be2099e8df413e87

    • SHA1

      184f3e3f1112ecd13cde9308bed251e46b51de48

    • SHA256

      64dfcb78033eb818b8e6f1310b54ee51b9447fd9444125ddfe714e7024d559ed

    • SHA512

      d8893870ff192f71ac289cc0bae8c5ddec2c54eb5eb91e86736ac6489e643f0e1d8101eb680d4c9dec5ad63eab440ce2f9249fb3cb5abd6bd25a4151559e9f97

    • SSDEEP

      24576:w2Dp2zFxgrnU/c0/a74PWIxRMuCMI1qVL7nXyD+8nT9Lvq1:w2DGFeTU/cEVLry1nTRvq

    Score
    1/10
    behavioral16

    • Target

      resources/extensions/agora-electron-sdk/libagora_ai_echo_cancellation_extension.dll

    • Size

      3.9MB

    • MD5

      4df13e99d563ab2c891ce18aff7f60ba

    • SHA1

      c7bb15a87a5df57f17cd629c6b4d19f40b7fa062

    • SHA256

      3df6a58aa7b522d0f8ba3936a7677b3ad44a6656cf394cbec968d065b3e179c1

    • SHA512

      4c62f1033b887dc59e365ac4c5b0fb38a4681c072aab89516c3888bf00716d56a44ef8c1d5c1874e3d70b81e3f9cbf5d1ed587bb2b8e923a63b7a59ebb81a79f

    • SSDEEP

      98304:OPVNUCJqyYme634JyeVJXnKCqS5ESTmpF:uV+CJPT7XCN6STs

    Score
    1/10
    behavioral17

    • Target

      resources/extensions/agora-electron-sdk/libagora_ai_noise_suppression_extension.dll

    • Size

      2.8MB

    • MD5

      e5dec09c132d053681a098b791282ea2

    • SHA1

      732162dac9d4273d087aabf15c51b6bca05b2da0

    • SHA256

      f10c31d65665476e00ea4991fb589c72c703a91ee4d172b5f205ad5048c6820e

    • SHA512

      746681e6ee412e8dc94b4fb3549d0ed88a7ec8732de2b7a3a28972bfd347a63dff41e84b42acf6185c9861a8d6dfefedd856f40b5e7c42070e39955b5c683bf5

    • SSDEEP

      49152:MduNJ3e29+spwO2NdNaDs1+Hw7NjH+WWpuxSpni9h7pxxj/b:pEspwO2fvQQ7tHGpcSWF

    Score
    1/10
    behavioral18

    • Target

      resources/extensions/agora-electron-sdk/libagora_audio_beauty_extension.dll

    • Size

      2.0MB

    • MD5

      78534c69cd50aa13b6ae53e43f073c16

    • SHA1

      77a48fd0aca6fa72e17705f54f76e49a46820212

    • SHA256

      295b341b9cef4ffe49b5b40e8ba26314bf380fd78f23ac2313066a68b6e3ca3a

    • SHA512

      3a7c4709cf4c3fb87a412411c0df69e33badb9bb9daea86e1088f78b737bbbe9938868bdd866e4fe783548446398698bcedccb3164ca4841bef4341cd7d0d0da

    • SSDEEP

      24576:mBEG+imEQfgVExjn94QqKvvAXVPHRIhIyOuxjUZaU8F9wU0C:m+im7jZ4HXVPHKIyOuxjUZaU8F9wU0C

    Score
    1/10
    behavioral19

    • Target

      resources/extensions/agora-electron-sdk/libagora_clear_vision_extension.dll

    • Size

      1.2MB

    • MD5

      9ddb81a739b263ebe413b21f80c26175

    • SHA1

      c1c7ec1144d5bb2607635157dc86c6c5d618ff85

    • SHA256

      23499235d6b94be3a9a8a97d94b051962c2188b00c458b86b26f9160fff635d1

    • SHA512

      faf2cb257390c3da2e0a52cad2963f5f21b9180ba274fe50c8086cc751d898152c23ef4cc364e366288ec1cdf495013c8c0c6d78558abb02e38cf91714c7ce27

    • SSDEEP

      24576:gvkmfT5LpbHoEJbeTGHZKl6Z9AAmis5djBhk6BoNWKrdr3pBUo:JOt9roEJbeTa9AAXS/BoNWYF3p

    Score
    1/10
    behavioral20

    • Target

      resources/extensions/agora-electron-sdk/libagora_content_inspect_extension.dll

    • Size

      1.5MB

    • MD5

      6c75d733aa68e8f29037a5f99b412c87

    • SHA1

      eb64b3fbc72034f63e03aaed6cbd52255d11895d

    • SHA256

      c4873df1c0747e39029cef5af475aebc338d9b7e1305b072d392645e793c6984

    • SHA512

      2ae3a55ab1ae862d779f1425cee55e6ee84b573897749b48f061045077d5420ed20fa23c87aae7ac5af8fe6d5180e24f5da096b7457d51a00ef221e4020b635d

    • SSDEEP

      24576:Z9Ag7BtjIdBxQSmG8/nwI9tCuFjOG8XtZyvCs5P98BqY6wt/zKs3k5fEzr5El8Yo:Z9Ag7bjIdBxt8VrdjLOtovZSN6wtb10L

    Score
    1/10
    behavioral21

    • Target

      resources/extensions/agora-electron-sdk/libagora_dav1d.dll

    • Size

      2.5MB

    • MD5

      b6e4ac9639c5a9fc7f34a8b8b1d607c0

    • SHA1

      4a4113a297977fc2f0e17f5215a7501dabcacf36

    • SHA256

      85e6ce33bea7796f78f6cef14f642be7f13c0395d6448ce803b6bd98ca48771f

    • SHA512

      6a92ab85ce81432d2b318542d39efcede453f517362dbd5ea2e22d1240f06272f9c9294f710218215554274eb669537b39bf75379d0ab87a8a89e599345525cf

    • SSDEEP

      49152:6cFF5v4PUsB45+WhXdzBp7nuvhc7uWII:64KPUsq5+WTnuh

    Score
    1/10
    behavioral22

    • Target

      resources/extensions/agora-electron-sdk/libagora_drm_loader_extension.dll

    • Size

      126KB

    • MD5

      e4d3ad7cb7a34abba6320b621fb29c60

    • SHA1

      c17b59112f8763f4902352966b7dd58cf5fa4315

    • SHA256

      96e19c50fb86d5b6b42dd2ae5cac93fdef5bcf9b302c1d1a13c69f3d298ae4e0

    • SHA512

      27a64ef9a1c12f02e634256fdb0102f28527627d0e9c11eb1cf3a3ce4f09dc4bf3f249a0fe037fbda2945f778dabdde67f6514e857c5fc582e3275ff437849a2

    • SSDEEP

      3072:y3Dh0clysZsQygcvqRworch5ItxiG6mRLOiuQ7:AV0uTf6qRw8ce39

    Score
    1/10
    behavioral23

    • Target

      resources/extensions/agora-electron-sdk/libagora_face_detection_extension.dll

    • Size

      1021KB

    • MD5

      d04becde2eff736757865c4b9110e6ff

    • SHA1

      c9ce5a02cf4004d2caa0e7cc27ba9e8fd8a869b9

    • SHA256

      59adb51158cc929e1e2efa9780a32fc22362d97a9b1c15a1ff67ce1102ec3b3b

    • SHA512

      ef9421bdc68238824f28d922242dc1cf5f6040601756fac712dd05ccb2901f9041e5e5d56b3908248e0db114d72719467f0ae64184cb8fbd91754e65aefa9f18

    • SSDEEP

      24576:u92D7ukPuZIsFvv9teyeJQDllnPq3Qrbw69WV:u92D7ukPuZIiv6TWllnP

    Score
    1/10
    behavioral24

    • Target

      resources/extensions/agora-electron-sdk/libagora_screen_capture_extension.dll

    • Size

      636KB

    • MD5

      8420cc0dc08388f1b04860392d9f3281

    • SHA1

      d27e08255fd09dd8100326a9e2660831a11e6d79

    • SHA256

      6943f33b81704e0ade0dfbb3ab7272bd22ce7998d57cd8f71a6247f4ebb9c46e

    • SHA512

      e4bb733c89ca3b8d4f4f33c9ca70500ded6516a8ea70f771be42e381f9490942ffe03e289cfacef078e1413d97cb0e55c437bce43e1dfa420b38368e2984a03b

    • SSDEEP

      6144:7nKulvHthjEmFK4BfI0OFZUU97uG8R9DNzWaxfXsZwvyRW8LPnBaihHic8Cn/LeS:hvNemVJIj9Q0afCRFLPnBaYC2zo

    Score
    1/10
    behavioral25

    • Target

      resources/extensions/agora-electron-sdk/libagora_segmentation_extension-x.dll

    • Size

      3.5MB

    • MD5

      b97e3003e94a625d5b499e9dc6f8b0b6

    • SHA1

      26da19d04148788c3e9cfc9662e624f9d77ee82a

    • SHA256

      77145b40921db87a96caec5bc3b2da014c7584fbd92d3e2600330456eb860c6f

    • SHA512

      490027b0cbbd275380608ba228b94484347f6dceb5c07c0ac2f2763f3bcb9a9ae5444efe0215e0544f8c2a239f78e66dfb2258f3b4ca2c64f290dab5b5338a1a

    • SSDEEP

      98304:O4ji8xUfS5bV3nSu6ndPk0FRtxAKs+uiBSQ:OilxUK5BfUPTXPl0i

    Score
    1/10
    behavioral26

    • Target

      resources/extensions/agora-electron-sdk/libagora_spatial_audio_extension.dll

    • Size

      4.1MB

    • MD5

      74096fd801182a11853215451b44fb63

    • SHA1

      8aa8b50a7ca99bef56921f428cc6597b1a8006c2

    • SHA256

      41edfe78051c80c85812b6b1e4cdf04ba01254e9f180605f8f4c3ce9b4f7d902

    • SHA512

      4c73ac033b4ae088ed47818cbefe8a3d032bd219413fbc2747f4a2fb3ccb1e72ca0a6ed4df59e5864de869177c569acc3c99faec92bf288853eaa4ae91d7b8b6

    • SSDEEP

      98304:97vRio8Y8bNp6hW27YGbPdaL9t3Yl+JfxjlOLfcYuhXXR3eSl4Dl:97B8Y8JpS7YGZa5t3Yl+JFMLEhXXRBy5

    Score
    1/10
    behavioral27

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      466179e1c8ee8a1ff5e4427dbb6c4a01

    • SHA1

      eb607467009074278e4bd50c7eab400e95ae48f7

    • SHA256

      1e40211af65923c2f4fd02ce021458a7745d28e2f383835e3015e96575632172

    • SHA512

      7508a29c722d45297bfb090c8eb49bd1560ef7d4b35413f16a8aed62d3b1030a93d001a09de98c2b9fea9acf062dc99a7278786f4ece222e7436b261d14ca817

    • SSDEEP

      192:olsHeylO012En8pqHtcE0PuAgkOyvIFc:oATI0d8pUP0WAgkBvIFc

    Score
    3/10
    behavioral28

    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      ec0504e6b8a11d5aad43b296beeb84b2

    • SHA1

      91b5ce085130c8c7194d66b2439ec9e1c206497c

    • SHA256

      5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962

    • SHA512

      3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57

    • SSDEEP

      96:YjHFiKaoggCtJzTlKXb0tbo68qD853Ns7GgmkNq3m+s:JbogRtJzTlNR8qD85uGgmkNr

    Score
    3/10
    behavioral29

    • Target

      $PLUGINSDIR/nsProcess.dll

    • Size

      4KB

    • MD5

      f0438a894f3a7e01a4aae8d1b5dd0289

    • SHA1

      b058e3fcfb7b550041da16bf10d8837024c38bf6

    • SHA256

      30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11

    • SHA512

      f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7

    • SSDEEP

      48:Sz4joMeH+Iwdf8Rom/L+rOnnk5/OCnXeAdbdOAa4GPI+CJ87eILzlq7gthwIsEQW:64c/eFdfS/SSnkxNa4G+ueqPuCtGsj

    Score
    3/10
    behavioral30

    • Target

      $PLUGINSDIR/nsis7z.dll

    • Size

      424KB

    • MD5

      80e44ce4895304c6a3a831310fbf8cd0

    • SHA1

      36bd49ae21c460be5753a904b4501f1abca53508

    • SHA256

      b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592

    • SHA512

      c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

    • SSDEEP

      6144:aUWQQ5O3fz0NG3ucDaEUTWfk+ZA0NrCL/k+uyoyBOX1okfW7w+Pfzqibckl:an5QEG39fPAkrE4yrBOXDfaNbck

    Score
    3/10
    behavioral31

    • Target

      Uninstall 小红书直播助手.exe

    • Size

      168KB

    • MD5

      49f902f4a6980414a07290643385886a

    • SHA1

      2b7cf4ee011525fe83cb1af6e4f7436a1b0ef9aa

    • SHA256

      8e43258d06c1c9bc3c71d979fa9e46a754ac25ea64a9cb653f6264a4ad3411b1

    • SHA512

      f55bd04adf41b86cfed46d679fbae7e270c5d8bd8289f31dccb39c4e4a510af2ce1c9dd119b1bab1252b45911d5d63674805d454dca6b0c20aa69b380e022734

    • SSDEEP

      3072:Un77v00hEoDEtau3lKrvIaZLWT7yBJk7UJna2MNUa8b32tvhOEA1RJCir86SrSrb:U740IHllaMPP82Ua8T2t0EyL+ta7

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral32

MITRE ATT&CK Enterprise v15

Tasks