13c784cca18a94ac2b60059e30f75dae749640feea1c7738b95c3cc93b529c03

Sharing

Copy URL Twitter E-mail

General

Target

OBS_Spout2_Plugin_Install_v1.8.exe
Size

355KB
Sample

240416-tbpwxaea83
MD5

22242f55cdab3701213e85bac7585b52
SHA1

a9264fdc715defee089f7aa9415a13e0f033afb3
SHA256

13c784cca18a94ac2b60059e30f75dae749640feea1c7738b95c3cc93b529c03
SHA512

49b80d459a9521b015ebeb21aca198a00dd94b35b70e6ec0f41ab09d29256126ce48b0032d2e54a8da2bbd1b0b03bfff691a243175668f7592be1f8f5253e7ca
SSDEEP

6144:3T4DtBqikdKDYlX6n5ouMzzMKMJ6+ZIhz7SrzxPjqJHaufg/z2KGimQVWJl:3T+qikqoX25o1Pu6+sz7SPl6auf6zvmN

Score

4^/10

Malware Config

Targets

- Target
  
  OBS_Spout2_Plugin_Install_v1.8.exe
- Size
  
  355KB
- MD5
  
  22242f55cdab3701213e85bac7585b52
- SHA1
  
  a9264fdc715defee089f7aa9415a13e0f033afb3
- SHA256
  
  13c784cca18a94ac2b60059e30f75dae749640feea1c7738b95c3cc93b529c03
- SHA512
  
  49b80d459a9521b015ebeb21aca198a00dd94b35b70e6ec0f41ab09d29256126ce48b0032d2e54a8da2bbd1b0b03bfff691a243175668f7592be1f8f5253e7ca
- SSDEEP
  
  6144:3T4DtBqikdKDYlX6n5ouMzzMKMJ6+ZIhz7SrzxPjqJHaufg/z2KGimQVWJl:3T+qikqoX25o1Pu6+sz7SPl6auf6zvmN
Score

4^/10
behavioral1
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  15KB
- MD5
  
  0a9fb96a7579b685ec36b17fc354e6a3
- SHA1
  
  355754104dd47d5fcf8918dee0dc2e2ee53390a6
- SHA256
  
  b34fb342f21d690aac024b6f48a597e78d15791ef480ac55159cd585d0f64af7
- SHA512
  
  67870206fa7f1e7df45c8c1bc2f51fb430f0a048a2bdb55a4a41525388ca3b50203784537f139169705a03db4bb13b591162a79a5d2df81a4d11fd849615c86b
- SSDEEP
  
  384:EFC43tPegZ3eBaRwCPOYY7nNYXCg/Yosa:EMTgZ3eBTCmrnNAo
Score

3^/10
behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  564bb0373067e1785cba7e4c24aab4bf
- SHA1
  
  7c9416a01d821b10b2eef97b80899d24014d6fc1
- SHA256
  
  7a9ddee34562cd3703f1502b5c70e99cd5bba15de2b6845a3555033d7f6cb2a5
- SHA512
  
  22c61a323cb9293d7ec5c7e7e60674d0e2f7b29d55be25eb3c128ea2cd7440a1400cee17c43896b996278007c0d247f331a9b8964e3a40a0eb1404a9596c4472
- SSDEEP
  
  192:nenY0qWTlt70IAj/lQ0sEWc/wtYbBH2aDybC7y+XBDIwL:n8+Qlt70Fj/lQRY/9VjjfL
Score

3^/10
behavioral3
- Target
  
  $PLUGINSDIR/ioSpecial.ini
- Size
  
  211B
- MD5
  
  e2d5070bc28db1ac745613689ff86067
- SHA1
  
  282e080b4cf847174c5c11e4f9157b8c338ecb19
- SHA256
  
  d95aed234f932a1c48a2b1b0d98c60ca31f962310c03158e2884ab4ddd3ea1e0
- SHA512
  
  a50ca2014869629135b54e848f03cb4983ad8029cd811300d02b0fc54de0436185f418fea4d3db888eb0f3170e33a59d486aa885f024ab29e630e9bc0ae1a2de
Score

3^/10
behavioral4
- Target
  
  $PLUGINSDIR/modern-wizard.bmp
- Size
  
  25KB
- MD5
  
  cbe40fd2b1ec96daedc65da172d90022
- SHA1
  
  366c216220aa4329dff6c485fd0e9b0f4f0a7944
- SHA256
  
  3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2
- SHA512
  
  62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63
- SSDEEP
  
  24:Qwika6aSaaDaVYoG6abuJsnZs5GhI11BayNXPcDrSsUWcSphsWwlEWqCl6aHAX2x:Qoi47a5G8SddzKFIcsOz3Xz
Score

3^/10
behavioral5
- Target
  
  data/obs-plugins/win-spout/locale/en-US.ini
- Size
  
  684B
- MD5
  
  75e626bd1a16f6842c6bba1611013f7f
- SHA1
  
  d986f40c423b3e371b938cb60cc5d3ee42b6c730
- SHA256
  
  74b440766e7146d263b870dd4a0ae742d6b7be9c446d379e84a15355f21f62c2
- SHA512
  
  45ef40561bbdfc5ea18862c39abcd644e7e811ad7c18a908ba43a9f13ed4a6d0b4240d2f9a469edda75f3d26445f988365c6f125ecc657f1b93b289370f74cd9
Score

3^/10
behavioral6
- Target
  
  data/obs-plugins/win-spout/locale/zh-CN.ini
- Size
  
  496B
- MD5
  
  810da7b9ef86398a9e64cf395ae7e002
- SHA1
  
  e78434cb910b1cb0371ab97966db818cde0a7cdf
- SHA256
  
  469a08d2a56ad63bde072114ea3e32913bd1eafe09adb751388efb752b7be09f
- SHA512
  
  b5b1d8b0bd220ab916e2e0f299e53b770f061747c17f2414172ead68438967d2548312c607dcf84d8fd9ed15b41197a66017628d19a7a3fe0b8c47eb85beb9ec
Score

3^/10
behavioral7
- Target
  
  obs-plugins/64bit/Spout.dll
- Size
  
  197KB
- MD5
  
  c1ae33bbf760f5ddbfa549057ada43d3
- SHA1
  
  9f26902186826038430f605102f495e3f0e969ab
- SHA256
  
  c096406f983a2b1f56fc1d5cca54098ad7243708b52cd34cc2333bc72abf9ccc
- SHA512
  
  8ee0864e310734654dd6077e60bf15be16d2825839f8bf15c89e5c6c254ebb252090411377a8890cb333d1be936afb38a576d3a3cd17ec970034740dbadbec4d
- SSDEEP
  
  3072:gyvWbCuDAsa042I6gCIRUS/K3dkqr0D6O/WSm0AvjpIzsXbPWD3siDTZb0:gyvWRa017ybK3dV0D6OMuDDciDTZ
Score

1^/10
behavioral8
- Target
  
  obs-plugins/64bit/SpoutDX.dll
- Size
  
  144KB
- MD5
  
  7bc915ca83456eb358ac7a753fd7d51a
- SHA1
  
  c467f2577ff5f95563e96e71a54bf8b1fc06479e
- SHA256
  
  7584f98b51cc80d50d7255eab51ddef4b954ab4bb28c3e5b6f43cb680f82b3bc
- SHA512
  
  0f8eecaa439648bed9155a3cbded7299d2a0707a85446a4a99965e96673baf12bc11dbade1183e317ab93e2992778670e45170fbcef8b84a226fde950248a8bc
- SSDEEP
  
  3072:OILkVqBuYVNcfi3O1nHRylzRmDZMCgsFNR76s4y:OVVqBDGVHRQRgZdP76s4y
Score

1^/10
behavioral9
- Target
  
  obs-plugins/64bit/SpoutLibrary.dll
- Size
  
  191KB
- MD5
  
  7d1e53fbfc7d9131771bc0952a4feec7
- SHA1
  
  a38467d6688802321c180106b48e6d971834c245
- SHA256
  
  f9cad1eb9934257f47f4219f74dd83cbb781b2b0689e9faf2a76cd7fa75a406c
- SHA512
  
  031eba74c4879ec5f81b99dd474e558272a14daf4ba962921c01b97536c565410a5585f79abb56e3340280cab9f84f8bf38d8065dc91f4abe03a0abe9034db47
- SSDEEP
  
  3072:tqSYdIVoqyZDgBRrlzc4sS72UCa9hqcQ2Ww3aWkyZysLOPM8EHuZ6:tqSW3705IRS72UCePQZi2EHug
Score

1^/10
behavioral10
- Target
  
  obs-plugins/64bit/win-spout.dll
- Size
  
  57KB
- MD5
  
  f7a00126200f359fe1ab371dc7efaaa0
- SHA1
  
  88d596414e0b84892aafc7d73e7935e47f6b8bdb
- SHA256
  
  18da15e559b06de8bcc2f719e5857eab486835a98565b95c73cf3bb0e0b788d8
- SHA512
  
  850aafb03da546dd74e5473360e830ca25d27d815369bb9e7be5da9c24e6c71f840de5d3a530da2e61ed071fa50df703009ea838f6ef76d0c1727b801407d9a3
- SSDEEP
  
  768:uk37KFk+C8guJUoUrV20tgSIIY9nBXCJiA6Ti9gAVQvd:Rl8lUrXtgSIIY9nBXCJiA6Ti9gAVQvd
Score

1^/10
behavioral11
- Target
  
  obs-plugins/uninstall-spout2-plugin.exe.nsis
- Size
  
  1KB
- MD5
  
  1b670af31f91c9d80ef9282d800e687a
- SHA1
  
  e0f1b0d4bc955ea5039241e3bced4a93fb2eebfe
- SHA256
  
  a7483c3d402e67f7e7001ebd0a1e1da13a41a99501b0559d76fd479bfc0c8c6d
- SHA512
  
  e6e8e4bc2d4b9c918d1dca8f42a0f8e504a22eae787c79a14fc81c7a35200701879e348957f60a460c0f8164186319cdd1ef70cdcdea857ca98207f2a33bd79d
Score

3^/10
behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12