Overview

overview

7

Static

static

3

Install_Xfer_OTT.exe

windows7-x64

7

Install_Xfer_OTT.exe

windows10-2004-x64

7

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$_12_/OTT_x64.dll

windows7-x64

1

$_12_/OTT_x64.dll

windows10-2004-x64

1

C:/Program...TT.dll

windows7-x64

3

C:/Program...TT.dll

windows10-2004-x64

3

C:/Program...TT.dll

windows7-x64

3

C:/Program...TT.dll

windows10-2004-x64

3

C:/Program...TT.dll

windows7-x64

3

C:/Program...TT.dll

windows10-2004-x64

3

C:/Program...TT.dll

windows7-x64

3

C:/Program...TT.dll

windows10-2004-x64

3

OTT.dll

windows7-x64

3

OTT.dll

windows10-2004-x64

3

Resubmissions

27/03/2024, 03:30

240327-d2wt5sef7s 7

27/03/2024, 03:28

240327-d1n3xabf79 7

27/03/2024, 03:24

240327-dyfzhsee8x 7

Sharing

Copy URL Twitter E-mail

General

  • Target

    Install_Xfer_OTT.exe

  • Size

    1.0MB

  • MD5

    f674e8dbecfe8c834e8f71a1803f8e75

  • SHA1

    1b93042b688bcd1bc51a01a63fdaa0bb53f5dcd1

  • SHA256

    dfff1dfaf0140948ecc3a604158f9fd0e25c2a723a57a51a799cd333166d2dd6

  • SHA512

    1b51b276f3a99e4727e252f5351853d37ca4a8833981ab49ba2ca897e2919ebabd84eed3507bd1879d9d957b5c91bea67d63cb68d89c235ece6d020d3f616555

  • SSDEEP

    24576:SxEkMuanXMt68zgzrZvFLEyZDIBlgwIuHx6+TNc:uSXMt50rBJIBdI/B

Score
3/10

Malware Config

Signatures

  • Unsigned PE 10 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • Install_Xfer_OTT.exe
    .exe windows:4 windows x86 arch:x86

    Password: old ott plz not virus

    7fa974366048f9c551ef45714595665e


    Headers

    Imports

    Sections

  • $PLUGINSDIR/AdvSplash.dll
    .dll windows:4 windows x86 arch:x86

    Password: old ott plz not virus

    741b6bafe355b63a372d737b30543a95


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    Password: old ott plz not virus

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    Password: old ott plz not virus

    1e2884056e655f2b7bc5a904e352fc80


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/splash.bmp
  • $_12_/OTT_x64.dll
    .dll windows:5 windows x64 arch:x64

    Password: old ott plz not virus

    8ff2265d98286776a7182f07c4e33a2c


    Headers

    Imports

    Exports

    Sections

  • C:/Program Files (x86)/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/Contents/Win32/OTT.aaxplugin
    .dll windows:5 windows x86 arch:x86

    Password: old ott plz not virus

    700bc4c704c361010ddbd5c5ec31d7e4


    Headers

    Imports

    Exports

    Sections

  • C:/Program Files (x86)/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/Contents/Win32/OTT.exp
  • C:/Program Files (x86)/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/Contents/Win32/OTT.lib
  • C:/Program Files (x86)/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/Contents/x64/OTT.aaxplugin
    .dll windows:5 windows x64 arch:x64

    Password: old ott plz not virus

    3e26df258b19924662da6a21e1e27dd7


    Headers

    Imports

    Exports

    Sections

  • C:/Program Files (x86)/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/PlugIn.ico
  • C:/Program Files (x86)/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/desktop.ini
  • C:/Program Files/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/Contents/Win32/OTT.aaxplugin
    .dll windows:5 windows x86 arch:x86

    Password: old ott plz not virus

    700bc4c704c361010ddbd5c5ec31d7e4


    Headers

    Imports

    Exports

    Sections

  • C:/Program Files/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/Contents/Win32/OTT.exp
  • C:/Program Files/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/Contents/Win32/OTT.lib
  • C:/Program Files/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/Contents/x64/OTT.aaxplugin
    .dll windows:5 windows x64 arch:x64

    Password: old ott plz not virus

    3e26df258b19924662da6a21e1e27dd7


    Headers

    Imports

    Exports

    Sections

  • C:/Program Files/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/PlugIn.ico
  • C:/Program Files/Common Files/Avid/Audio/Plug-Ins/OTT.aaxplugin/desktop.ini
  • OTT.dll
    .dll windows:5 windows x86 arch:x86

    e26de17e478e0c275f1cb0ea49be3a16


    Headers

    Imports

    Exports

    Sections