General
-
Target
Setup-pass-2024.rar
-
Size
220.0MB
-
Sample
240411-ykgn4sbc83
-
MD5
be5044b2726e37905f48fec2671bab5a
-
SHA1
e21a92e5cc46a24349fce2fb3eabf6532273fb70
-
SHA256
160542f4cd93589d1cc84e6e43be8e2adfb8021fee0b02917d23fdf7fad7b652
-
SHA512
1708d179f7e87562edd38085965a743acd1f37bb5ba69ea175fd61c20e0e410d2f357a56ab3557a72908f8bae5c5f8db56e500027ccb125c6b7d38eff575d4df
-
SSDEEP
6291456:t3eNI+WtsMeXrJXzhGM0ZnotGiCi7WwpFCz:9ee+EsMkdgtZoZ7pFCz
Behavioral task
behavioral1
Sample
Setup-pass-2024/Engine.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral2
Sample
Setup-pass-2024/Setup.exe
Resource
win7-20240221-en
Behavioral task
behavioral3
Sample
Setup-pass-2024/Setup.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral4
Sample
Setup-pass-2024/Setup.ini
Resource
win7-20240221-en
Behavioral task
behavioral5
Sample
Setup-pass-2024/Setup.ini
Resource
win10v2004-20240226-en
Behavioral task
behavioral6
Sample
Setup-pass-2024/SxsMigPlugin.dll
Resource
win7-20240221-en
Behavioral task
behavioral7
Sample
Setup-pass-2024/SxsMigPlugin.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral8
Sample
Setup-pass-2024/addins/FXSEXT.ecf
Resource
win7-20240215-en
Behavioral task
behavioral9
Sample
Setup-pass-2024/addins/FXSEXT.ecf
Resource
win10v2004-20240226-en
Behavioral task
behavioral10
Sample
Setup-pass-2024/bcastdvr/KnownGameList.bin
Resource
win7-20231129-en
Behavioral task
behavioral11
Sample
Setup-pass-2024/bcastdvr/KnownGameList.bin
Resource
win10v2004-20240226-en
Behavioral task
behavioral12
Sample
Setup-pass-2024/bcastdvr/broadcastpause720.h264
Resource
win7-20240221-en
Behavioral task
behavioral13
Sample
Setup-pass-2024/bcastdvr/broadcastpause720.h264
Resource
win10v2004-20240226-en
Behavioral task
behavioral14
Sample
Setup-pass-2024/data0.exe
Resource
win7-20240319-en
Behavioral task
behavioral15
Sample
Setup-pass-2024/data0.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral16
Sample
Setup-pass-2024/sxs.dll
Resource
win7-20240221-en
Behavioral task
behavioral17
Sample
Setup-pass-2024/sxs.dll
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
Setup-pass-2024/Engine.dll
-
Size
277KB
-
MD5
393b1e735bfbb4eb477e5e874a2df143
-
SHA1
6add86d9df22768650091327801d955d44ac254a
-
SHA256
7dd90579f190d6f57fec82372dc1ccc525ae02e0312c7b48f063ce1de4159fe1
-
SHA512
294f2b3cff13641af1ed52521be1862dee42eb320f89b2491f99c6bc83c6838397a3eb43c57ebee8407aa85628abebda279ed15994e6c31e1ad6fbdda72ac18e
-
SSDEEP
6144:XiHBjjCdNQ+rqEJ/HT8dAhzMdCOJUuHMFx4M3Xjz:XPdC+rz8yqdH2qn4z
Score 1/10
-
-
Target
Setup-pass-2024/Setup.exe
-
Size
5.3MB
-
MD5
f8842eb19e08fabccc6b44e3d486f421
-
SHA1
b385bfa4fc281209226573e5ff30cb054ef8fded
-
SHA256
52bc27b219b3048e1dadf4f673281ced218a0ff023bea21f9d4fd09156bdf24d
-
SHA512
ec1aa745908a98b65e36213ece61fe0d488196e2a3135cee8937f3e3c7d6268ad040fff81b9ad961325e41012654bb5c41ffc92c95b9068bf0c9b44a2f86ca01
-
SSDEEP
98304:hLvMDe7SkB8nRHA3UYazCf/NH9ahq/yVlhs4VfSJXtHpivPrYGNgR2:hLvMOSkmnR+dazCf/NdyZNrqnePrfNgw
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
Setup-pass-2024/Setup.ini
-
Size
2KB
-
MD5
3428c5c1c70a362e1e843902b72fdf00
-
SHA1
3d3f116cf71537e87811baa1fc396288e99b136b
-
SHA256
23010034944e02f06cd16bccebbb5e697d43cfd80d82d5f83fe163a1734d21c5
-
SHA512
60489fed8c74caf318fd451571f778f417f23a019e42e40818ace3bca85a53431577f8c1d0813b3644903e31d3e6db71b8ccb5c8b1f2157365e006458cc44e54
Score 1/10
-
-
Target
Setup-pass-2024/SxsMigPlugin.dll
-
Size
3KB
-
MD5
f99cc48affc494fe82fc907fee9e9a2d
-
SHA1
54e393648404c48e77b869de6a99a8e2094c8160
-
SHA256
e2fa70d020ad492849ba1d60792ab2a8ab259fc7e3609a9c5f2a07deea765eec
-
SHA512
7b58da286d3b46344d9563397a9f145d741a89935c28d015183918458f8649301b3005288d3da658e863e0235b43ba6fe648ce0c5f6960ca7538bf3b0a9444b6
Score 1/10
-
-
Target
Setup-pass-2024/addins/FXSEXT.ecf
-
Size
802B
-
MD5
18515f8ddaee2750c81d768f2c0e7117
-
SHA1
6f597c85e807c88d4bbf5dee7996ffb1df86825b
-
SHA256
eb747d87c739be28189684a84afcf6026f83e10c572492093b1e2efc573554bd
-
SHA512
b9aaf3900b80e5132c2cb8d5ba93f164a3f52bfea9267b93172edfb2c57fefa7558d7a447ae3bb8fbc99f8abdc0ae0e17eae1fbcfe383031e6b4b5487ba0eda6
Score 3/10
-
-
Target
Setup-pass-2024/bcastdvr/KnownGameList.bin
-
Size
428KB
-
MD5
1fd787a28854979a68541a69e7f66928
-
SHA1
a2bc97cb5888c1ce92f5ca9017611dcaa6b795ff
-
SHA256
5e11cb486d2dafe5c5cbe61e4cc9fb3ce0f9d2d2595ac5ea4a6d8f368c29bfa7
-
SHA512
12e8f9be11986736d14998d091ebb70d2f861f97a84fbecdd8dc2fbb84c7c8d730ae8188c22ac481dca75c52fa761c5946899a106d5b234d2be752e120e1ac82
-
SSDEEP
3072:oQhTLwP0eyR9ZB1hjlMdN01qEbAo13wm7ldJneLHbpDbJWbg0DqdJJuFGDlQRTb/:fhTkP0j7ZLhls01171gm5neNFetc6b/
Score 3/10
-
-
Target
Setup-pass-2024/bcastdvr/broadcastpause720.h264
-
Size
294KB
-
MD5
067d0a32b6b1509486339a3e307abc9b
-
SHA1
5a709d13e6967c0a30d3077f4883253fd6bbf194
-
SHA256
0ad4fda30f59be8c596757a591ef45cb00ec2f88b522d827e1e100bf4c503af1
-
SHA512
45e0a92bb8dbadb36d0994f3d6a76f54611a5d988ed16a4c62716cc5f4f960bd89c458b70800037ad2ffea160db0458e53509b144dfca3109490c3194dc09ee9
-
SSDEEP
6144:+I42B6W+6MlWnt8+0rKvx+tEfHiIgyn28PoQfdp2:t+6BnqzrKvx+t4HiIhPoyz2
Score 3/10
-
-
Target
Setup-pass-2024/data0.bin
-
Size
214.2MB
-
MD5
bff3f63753d4981820d3618a640590b6
-
SHA1
e9f46c448c1168290132b97c8768db5b6a944807
-
SHA256
28063ee166a278a299f8da0cc3e32ff44a2942826d6822f9b5394e16a9b62cac
-
SHA512
a96c6c434e1dcccac93b072eb5250280bc87945d0efbb50c91752e0c4676524bfe466c912c442d59813381d49d4707c1e2b627ee4f7684eb4e06affe89760bdc
-
SSDEEP
6291456:/3eNI+WtsMeXrJXzhGM0ZnotGiCi7WwpFC/:fee+EsMkdgtZoZ7pFC/
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
Setup-pass-2024/sxs.dll
-
Size
36KB
-
MD5
085f577b4c62e09f75976a42ad6e0ba6
-
SHA1
352b0ceff96e2b447f0b5831074ac64d4151fc31
-
SHA256
2a3f610ffb12bd04f14410ca0c4a597170a27100253d368e437d582e1294ff38
-
SHA512
c7b8107a13e86a8ff69eefb29dd78b57e2bd8867ba83ad8745c0ee14bd11e91d73c57c16d6dfd2a5660e2ed56b1b63b4d7aa524a7e89b18e31aca078018af152
-
SSDEEP
768:KuEgDJRJIxsudVcaiTGDIleiCoJAZ935ZEXn9i7dzv+Zj8+qyevh:K6DJRJIxsudIKDIleiaLsUp+9oh
Score 1/10