Overview

overview

7

Static

static

7

FL Studio ...ce.dll

windows10-1703-x64

1

FL Studio ...up.exe

windows10-1703-x64

7

$1/EQUO/IL EQUO.dll

windows10-1703-x64

3

$1/Help.chm

windows10-1703-x64

1

$1/Paramet... 2.dll

windows10-1703-x64

3

$1/Paramet...EQ.dll

windows10-1703-x64

3

$1/REX Sha...ry.dll

windows10-1703-x64

1

$1/Stereo ...er.dll

windows10-1703-x64

3

$1/Vocoder...er.dll

windows10-1703-x64

3

$1/Wave Ca...dy.dll

windows10-1703-x64

3

$1/WaveSha...er.dll

windows10-1703-x64

3

$1/elastique.dll

windows10-1703-x64

1

$1/oggio.dll

windows10-1703-x64

3

$PLUGINSDI...ol.dll

windows10-1703-x64

3

$PLUGINSDI...il.dll

windows10-1703-x64

3

$PLUGINSDI...ns.dll

windows10-1703-x64

3

$PLUGINSDI...fo.dll

windows10-1703-x64

3

$SYSDIR/FTD2XX.dll

windows10-1703-x64

1

$TEMP/IL D...nk.dll

windows10-1703-x64

3

$TEMP/ildo...ll.exe

windows10-1703-x64

7

Deckadance.chm

windows10-1703-x64

1

Deckadance.dll

windows10-1703-x64

3

FTD2XX.dll

windows10-1703-x64

1

Readme.rtf

windows10-1703-x64

1

deckadance.exe

windows10-1703-x64

7

FL Studio ...ed.doc

windows10-1703-x64

1

FL Studio ...ne.dll

windows10-1703-x64

3

FL Studio ....0.exe

windows10-1703-x64

7

FL Studio ...up.exe

windows10-1703-x64

7

FL Studio ...rd.dll

windows10-1703-x64

3

FL Studio ...rd.dll

windows10-1703-x64

3

FL Studio ...ll.exe

windows10-1703-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    FLS.8.XXL.PE.v8.0.0.RC3_[RH].rar

  • Size

    155.2MB

  • Sample

    240420-18altaca2s

  • MD5

    35ef84ca63a0e052e25331787b5b235e

  • SHA1

    086d2f0570b22d4c248404565ae2a10d93a5030e

  • SHA256

    44844bb61502501691a4a02429fae30625d425f1f45124abef82d967ea7e2f0e

  • SHA512

    8550c34eb2b873cc9001ae5f3f607cb02c9c8127156b86a778bfd784f20e8651e5d3a6fb93308a0494fc89417c117c51b87683f7087f2fc626561bd1872461e6

  • SSDEEP

    3145728:xrlbKoqpc3y1LXxxUeb77jzRDQ4cH7HPBhPvnlaW1qSloIK9Qv:xZbKoglxxUe3zRDQ4cH7HPBtPleSTK9Y

Score
7/10
aspackv2discoveryevasion

Malware Config

Targets

    • Target

      FL Studio 8 XXL Producer Edition v8.0.0 RC3 (plus Plugins)/Deckadance v1.31.0 Club Edition/Crack/Deckadance.dll

    • Size

      733KB

    • MD5

      9fbc51664d466077feef6099f5477043

    • SHA1

      a74cab8b69728ba769841e2adf16497ffd9277bb

    • SHA256

      638a2f307a5ae4fe278315f4dcaf52b7fcb899de373da14ccac3dd419a21bc82

    • SHA512

      d19030218e2445c0c5b13254f080274d0f37286f58553d25d07ca1e510729a4905211f785dc272f75fe3106c840ecd48ac664934fec6d9edbabd0bdda2f46798

    • SSDEEP

      12288:vQdw3IdeU/WO9JnoSi9LC+WFrQF1xHa4Ppt2JfZqaFP1BEF2SJWPCZHBvsDH:vQdVPFEXxHHPpyhqi8DJWPCVBvCH

    Score
    1/10
    behavioral1

    • Target

      FL Studio 8 XXL Producer Edition v8.0.0 RC3 (plus Plugins)/Deckadance v1.31.0 Club Edition/Deckadance_1.3.1_CE_Setup.exe

    • Size

      34.2MB

    • MD5

      04c946a0a50d9a94186b23e110b62b2f

    • SHA1

      4a43733aef52ba0751c639e9d42deea64908f9cf

    • SHA256

      7511d4c5043f6719b15b6f4ae0a1a3e766e9c48557844ced09c1f58fb4751d03

    • SHA512

      c5679329ac715bbba32860269fc4058fe20ca58d991ee1bef9ff3522451e2f638db377d9144218b74cc855706dbf02f0739780b2af7e92c4527b3a7079bc176d

    • SSDEEP

      786432:e8iHfuDcOpFbzSdB3qpc39dDuNP9dozFHFKA+ahAe62+v:eb/uYOXYqpc3HSNPLKVUur6n

    Score
    7/10
    aspackv2discovery

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops file in System32 directory

    behavioral2

    • Target

      $1/EQUO/IL EQUO.dll

    • Size

      547KB

    • MD5

      f462e9c18c6bb9a1550ba01e56059225

    • SHA1

      37c9cb297689a75ef3e6dc8435d32644c3502b70

    • SHA256

      d6403257944e9561e8136bec87960cf7a6d8ed181553d2310bed985f0cefa2e3

    • SHA512

      c2bf20c3abc4c3f85f208e1112286ad9cb6d3de435240fe8d2c52533fbbb1577eb481945ff4faa18797bf3492fdcd633ea9fdaffb1e60ab74689b0e2fcb841d6

    • SSDEEP

      12288:6bQBssbW74BNBqJb8/+75jlKtpVEwlHPxcgWPCZHBhi3:SQ26DNs58/+75QtpLlHJWPCVBhi3

    Score
    3/10
    behavioral3

    • Target

      $1/Help.chm

    • Size

      879KB

    • MD5

      953fab9ecca76d219ff7e602b7846860

    • SHA1

      25d5df67592ed75f05a7b105c4ba45e4fc615a1f

    • SHA256

      e65c1484f02aacead6a351b957473dbeaf49b2e628d5f5460fd39b4a0053d760

    • SHA512

      3c80cfd0aa0f96f081acbce8c0de29b519a194f308f049c965b8ebcef66912096b45b0f037a707decd3a0b9d746207cc4bc0690ea171cb1108f290f656939140

    • SSDEEP

      12288:pui6YaP48InIBz1Izvi1QPZQZWSq17cWUPeJQY3ezpVsd/2mXvbjpZvM5bXsCymg:puizMcQZWSqtMiqzHsd/xz9Zvse

    Score
    1/10
    behavioral4

    • Target

      $1/Parametric EQ 2/IL Parametric EQ 2.dll

    • Size

      513KB

    • MD5

      e53c5ac57bdcc1356853a9aa0b7fa52c

    • SHA1

      702a01ed802e71652ab70d3cada2521b796a96a0

    • SHA256

      a02c0c776f7a153fd78e642fe0a1fba5555607282b9bdc68a54032695c89f86c

    • SHA512

      ab1637d594c6d776f37140a65096422a97ba73461cd8e2d69a7db80688779a97e70f393284ccd34af7d9b1862a81074b36398b790d835ba079025ad824b66f58

    • SSDEEP

      12288:mAOb4AZppppSJi8VRY89FE3xFJbRWPCZHBx8/6DHqk:2btppr8V9nw1RWPCVBhHqk

    Score
    3/10
    behavioral5

    • Target

      $1/Parametric EQ/IL Parametric EQ.dll

    • Size

      522KB

    • MD5

      5d1034f96b9c5187b34acaef91967ec5

    • SHA1

      00073da1a2fadbf3a4c1742bb977c74f5c912165

    • SHA256

      511bb79c8b010a99a1dc3fdd842dc0f394c3f16a9626e18d4647aa2cb2071667

    • SHA512

      7c0f910e88d4d0c58baf6952af35718f8541fab3ab79f64832c6b3e41548139a276052293b43e4814a5b21deabc8ae8a8f9541e6f204a7e57497284dfc87c11c

    • SSDEEP

      12288:+ICZ/WnfBTBdI4Iqr2oRgc2TF53MvuBKqWWPCZHBGK1JKFjP:+TpSBTc4XFgPTP8vKKzWPCVBDO

    Score
    3/10
    behavioral6

    • Target

      $1/REX Shared Library.dll

    • Size

      228KB

    • MD5

      2612524c9ebeffe1dbeeecaff2393269

    • SHA1

      00701ee499528abf6be0a1a28da01bc82946e0e0

    • SHA256

      7848629cb8293117055423c291bc14c3f0139e68293689c7852a9bbcea3f17f1

    • SHA512

      7963ddf31171bc392cbab82e339810a459c8aed19ca983ce5512c77d67dbc979485f436e2b3eba3b8b483cd003f0c3692bd4e400f9455cad8bf14389a66672a7

    • SSDEEP

      3072:W1RF1vYoipgZ3RyBKXRXzBB8Tgi9Ag0Fu6OU+mlv2S/S1o5:EFl/b8T19AO6OzS

    Score
    1/10
    behavioral7

    • Target

      $1/Stereo Enhancer/IL Stereo Enhancer.dll

    • Size

      485KB

    • MD5

      b7c87ea475634903bb7faaf2f0722f98

    • SHA1

      46a2f3bd664a129057512eeec5bc612f30fa7fbb

    • SHA256

      d373ce0b8bb9a3a8f6ce140ece7a18cf5ff6d231575add8d93628d752395bdc7

    • SHA512

      f6cebea8eaf429c8abf78496d0d78a5bf0f90a3078b3c40298f8bcb6123a9b1f3bf6a3e78aa0c236cd690b617ea613ac48ff6859453acfd388c72745ff7e666e

    • SSDEEP

      12288:EdHZKtlEz3BrdB8wSjf+/KCk5lWPCZHBL9DD:yKbI3Br/SjW/eWPCVBL9DD

    Score
    3/10
    behavioral8

    • Target

      $1/Vocoder/IL Vocoder.dll

    • Size

      492KB

    • MD5

      a51b6eda549f00e0911a4b04fd58b919

    • SHA1

      5e1601b2a6c96d859469f57dda282c40635398d5

    • SHA256

      421bde171cd176579a815d9972fe410de825a6048dba805d8b20bea08144efd2

    • SHA512

      0fa0b4b73dc654f599370c63b1a07e2f12ce4f915a9821aa827b24247e0fc7e6ee0bf6578e10fefc8401f6f4a702e6e6e0645ad1d4fd9bc0a888f99040e30524

    • SSDEEP

      12288:HjWJ3O03zJyCh6+ZAIjMCLWuUVMb6WPCZHBZ+H+y2:HiJeQJS+KIjZh2MOWPCVBZ+H0

    Score
    3/10
    behavioral9

    • Target

      $1/Wave Candy/IL Wave Candy.dll

    • Size

      538KB

    • MD5

      baf5b38a776d702c209ee01220cc9359

    • SHA1

      380bc68546c2896ad1362106b7560482587fe175

    • SHA256

      3c2013a62be56ca468788840c48b4b8d004c7f060043903e761651013ab3899d

    • SHA512

      2dee93e8eccdcab117b7fe9fcd1d9f6e12c788e6e2d96b2d12a405a1494171ad2fa700bc075e429e06fed9e7df6b396ffa15d4725ff43b8bffc5222dfbb19a0c

    • SSDEEP

      12288:7vDO3eU37Pc+MzKlHz8enWgVNMDdWPCZHBSKUZdxM:23eUrk1K9zPnWg/MRWPCVBSvda

    Score
    3/10
    behavioral10

    • Target

      $1/WaveShaper/IL WaveShaper.dll

    • Size

      657KB

    • MD5

      0575f8a4e2f8d3f9bcbb9921a193cfef

    • SHA1

      65ec794deca2b08f8682370b79449f4d398ab63c

    • SHA256

      efc939e89daa0cf0089dfe5eefe80420a4ee58623f09255de24bb39b12f152f9

    • SHA512

      064a2d82261147804a35e51892f5b7fe0b5a33cbca73770dc1ed7b5cd2aab80e6bfbff291a1c1ea2d9f7654a1f59379f8b6301fb68ce404f85ed6ad3e941bf3b

    • SSDEEP

      12288:ruA5jFou5N3BHHnxDcKR/Z9rn7VPPAkUeEtarjqUk2XlrH6nWPCZHBSha/6j:dVFou91Htr77d4kUeEo/dkyH8WPCVBSr

    Score
    3/10
    behavioral11

    • Target

      $1/elastique.dll

    • Size

      548KB

    • MD5

      14437398f35fc697083a3b1b78e84f97

    • SHA1

      f4b197183204a760c047c559d769ee9a66b04167

    • SHA256

      e33492d1aaca61a6a24239cd72a24f98f5d38465f1a9dc68cf23f94241c6185f

    • SHA512

      78facfba0a83d19741dda4d43949d5d1b93ff407183d584b7e778363aa71118854415d9df905b8c9a154bd8b0a0383d1397956095fb6a94150517675b371414c

    • SSDEEP

      12288:BNXwvuI/8dIzwGR+gS6dARI2rg9EgRsfkUxamdO:BNgvuI/8dIzwI+J6dog9EQSFxl

    Score
    1/10
    behavioral12

    • Target

      $1/oggio.dll

    • Size

      284KB

    • MD5

      b1868232cdeb47a64c92dffb582c5983

    • SHA1

      c536e24b9f80c65a2f0490e365fa554844f57f4f

    • SHA256

      90e656ec1d11f64b761079d034d4c23d2a1669d698afc8fc0b9832986448b826

    • SHA512

      3fe5fd59fc47cfb4fbe22ba028afd87a892047dfc7794ad11f7b82ba9198ca7ea50697addffdc5d56c9abc247c2f5984dd14197184c83c8cc3dd31ac2ed8c3fa

    • SSDEEP

      3072:vbuP9zyXaDQieTSUoVmHIm927rxZ0Q2RhaXwcuAg0FufBNLHXZtKMR0I:v6PZqSFmib0NLcuAOZJzR0

    Score
    3/10
    behavioral13

    • Target

      $PLUGINSDIR/AccessControl.dll

    • Size

      9KB

    • MD5

      9d870be4d8f4b4ba119588aac5890dc5

    • SHA1

      d642c04489e9acd6fffb4fbc5fcf4580c819d8e3

    • SHA256

      2ed79264fbd6f3fa15a01bff7e57d1d5cd6de74f08e07e8386738abc93387e39

    • SHA512

      edf1d6b947412eae500b13ab1d712796531d23665ae6769c4d0b4abf66574c7b7f97e9af753c01d1115456bad28052d9b6f580324a8a1ddc69453a1bf5473785

    • SSDEEP

      192:iUiozaRnuZQu6KXvGihdB/lZV3d6NHXkXGGwQ8U9:FioXTxBrVMqwt

    Score
    3/10
    behavioral14

    • Target

      $PLUGINSDIR/ILInstallUtil.dll

    • Size

      88KB

    • MD5

      11f9fff78b33eef949d37e9ffeebb607

    • SHA1

      0ba5b645a61164d9abaa589d9d494d4b99427933

    • SHA256

      f5f16fdff0d1f0bb0af3ed747c4d6e46cabfc51e4aed9aec098f288666c0be91

    • SHA512

      4939a5324f121dd1cf294a17b40a7f47fdf32c94cf546aeaabad478bb677821fa4a6abe8923f76e703ab79bea96eccf9a2125458cf77891892433e36158dceb6

    • SSDEEP

      1536:mgAGHOPtkyJUEFgVhS5E2VGrIMYm8Ax8I/LGQ9:mgAGH0C+shS5JVGcmxx8UGQ9

    Score
    3/10
    behavioral15

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      3809b1424d53ccb427c88cabab8b5f94

    • SHA1

      bc74d911216f32a9ca05c0d9b61a2aecfc0d1c0e

    • SHA256

      426efd56da4014f12ec8ee2e268f86b848bbca776333d55482cb3eb71c744088

    • SHA512

      626a1c5edd86a71579e42bac8df479184515e6796fa21cb4fad6731bb775641d25f8eb8e86b939b9db9099453e85c572c9ea7897339a3879a1b672bc9226fcee

    • SSDEEP

      192:i6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxT7K72dwF7dBdcQOz:i6JaVh4I5rpPbT7+BdhO

    Score
    3/10
    behavioral16

    • Target

      $PLUGINSDIR/UserInfo.dll

    • Size

      4KB

    • MD5

      3691c07a4c5f9e12b96a61bd4b28002c

    • SHA1

      831ea22da1971be4f33e86e96bcf66fa051739f0

    • SHA256

      9d0b769ccf9eb460304302e2ce1958001089718baa58d9cf71f4ec3fce8f4922

    • SHA512

      435de907053d68c970654992f1b4c8bbf651e722c1c206601fdfea7001bf15fb465d97127d90fbc73fa58a99e4e511fff2c85cb866d0216e80c518cf175eb5a6

    Score
    3/10
    behavioral17

    • Target

      $SYSDIR/FTD2XX.dll

    • Size

      172KB

    • MD5

      aa8046aa6726e0a2b0cda65fb5d2cd8d

    • SHA1

      9decf4ee4cfabe32e05af7b0e8ea2ea872e01a18

    • SHA256

      391644ee8db7dd5fe5ceaf612ea963280a54e4f4e03af8faf2008c35039a3c06

    • SHA512

      18e6c3f7a6dfd9f8271266df362fde7e1ee7db7ccca14913f4b785130a712b22f7bfa4fc757736c840aadcb94c05453964654ec7ce82d5013a1dfcdfb837cf50

    • SSDEEP

      3072:xa6Uqpl6dHk1QcUAC33DFMlLi3H4ixt06qY5nutj:xacpIkCHDFJ4qh5ut

    Score
    1/10
    behavioral18

    • Target

      $TEMP/IL Delay Bank.dll

    • Size

      525KB

    • MD5

      681a59938ba6d6864f5a4246cb810855

    • SHA1

      750433adb36ca5fbc7fb706137b765222189f9db

    • SHA256

      67ec429e80c1b86a452c89b9dcbfffa5a6b92ec11811231abddfa9a3f226a56c

    • SHA512

      b41c60bfafac25e06c0888a9f11ec72421aad0d0ece19ba8c252ee903f2eb791bc456dd17a2b53d3a47a7e4bfd5b20da771293aea1f94863fa7e146035290429

    • SSDEEP

      12288:xDk+B/7VSRZZ9ShsnEo3Ts4/5BnWPCZHBsdLn:Vku7Vo5Y4xdWPCVBsdLn

    Score
    3/10
    behavioral19

    • Target

      $TEMP/ildownloader_install.exe

    • Size

      1.7MB

    • MD5

      0cc8344a89559936d55d7b701f7b2f7c

    • SHA1

      50c8cc94051db62318cb0d4907d526c1179fbb71

    • SHA256

      ab14a39f202f8bbd5ded649abb1c3a98cf2df5267150ecb247f4c7cbc2646849

    • SHA512

      0dab2206437355ae07d37a03ca1daf1da77b53905aacb9a6b7a631be944fe3eedb6055e44530664e0a652f5440fb717284708ca5cc47655d4922b3c25acf0c01

    • SSDEEP

      24576:tK6PfKY7OORKPDAWkmvAEFpHYvdlHlollvw2xKBI23cnKaZQcJge4SDNCs:hHKY7tR8vAEwVTow2QW2srDx

    Score
    7/10

    • Loads dropped DLL

    behavioral20

    • Target

      Deckadance.chm

    • Size

      1.5MB

    • MD5

      f941d53283a64d0c27e0d76bcc89bb71

    • SHA1

      b852f6bd70c8474b1c8fd9a8a63a0c8894ddf5d9

    • SHA256

      5850222ef9615509fb75fb06b5ccc6ecbfc77942c757905741073d63929c830c

    • SHA512

      fd7d8396d10020cd7b00aaf2d06eccbe7119c5e65691bbeb734d0a14301e77b33ba9f2011b9355959950a449869500ebc6ba6fee14fb67c2a08e6376c5bec4d3

    • SSDEEP

      24576:I5ArabtVfyjfv2MKWWtj+7Kzz00ENspse3vYOEn4Z8fp2x5WmH7Qn2:SbtVfyTuJiGn00ENG/YOEpIt7K2

    Score
    1/10
    behavioral21

    • Target

      Deckadance.dll

    • Size

      720KB

    • MD5

      d2b13ca4faebde26955c1b00d3f0ec58

    • SHA1

      bcab1a1cc75429060cc2b4841135526731401f14

    • SHA256

      5af9a33d9136250cd918fea1603c2f678a53735af23714fed0692f746bb24f19

    • SHA512

      80d37f4020f300ee77887a5fed05bc0e47715b7d70b4200800730ff542a40aa198cf7447bd7ad52e760f6ada788bea2ebc1c29f79b067402f0129bcadd939894

    • SSDEEP

      12288:SWcTNycPRK8gOyi0XskJnZKZflmazWKYoVaNWnFJxzd6WlHeEB12:GTdPw8h0Xl1kZfzzWKvVa61d6W19D2

    Score
    3/10
    behavioral22

    • Target

      FTD2XX.dll

    • Size

      172KB

    • MD5

      aa8046aa6726e0a2b0cda65fb5d2cd8d

    • SHA1

      9decf4ee4cfabe32e05af7b0e8ea2ea872e01a18

    • SHA256

      391644ee8db7dd5fe5ceaf612ea963280a54e4f4e03af8faf2008c35039a3c06

    • SHA512

      18e6c3f7a6dfd9f8271266df362fde7e1ee7db7ccca14913f4b785130a712b22f7bfa4fc757736c840aadcb94c05453964654ec7ce82d5013a1dfcdfb837cf50

    • SSDEEP

      3072:xa6Uqpl6dHk1QcUAC33DFMlLi3H4ixt06qY5nutj:xacpIkCHDFJ4qh5ut

    Score
    1/10
    behavioral23

    • Target

      Readme.rtf

    • Size

      616B

    • MD5

      40b10d2f5cc9b5c7f1d1de4def633713

    • SHA1

      3d11a32b6331f8a279bc94535b0436bcb1222e3f

    • SHA256

      b6e69ed1e4fbe918e920d429bdf58d64476e516de1e1a91769e9041c46cf6744

    • SHA512

      1b5817f704592326f8868eb8990bf2283c01cb9490e7a67711a9835690aa0cfb750a12a13ca9d52fdc607c850c27332e6363cf40098adc590ffeab1f0233ebce

    Score
    1/10
    behavioral24

    • Target

      deckadance.exe

    • Size

      1.0MB

    • MD5

      2d490aae23ce3fec10e64b652dc5a083

    • SHA1

      84c737e9cccf4e3a62766eadde1e01a5cac3c9e9

    • SHA256

      ed5c4f38ca0079e6fde7a1597c09a998c89f0426a663cb9954b4ba53ad96a40e

    • SHA512

      de132e0ad1f7a8fec76fdbf57b8c19cb5288e79ab72ae1a61d228cd88113acd962c8b9058ef5037f74f94a01b233044dce30055a2306f065f8c6813e98ccdf10

    • SSDEEP

      24576:NW7b2QnXsonVZkxaA6YHPbdX4anQOSHXR5JTvSPi+r:8VrV9UzQ7JTaPiK

    Score
    7/10
    evasion

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion
    behavioral25

    • Target

      FL Studio 8 XXL Producer Edition v8.0.0 RC3 (plus Plugins)/Deckadance v1.31.0 Club Edition/Getting Started.doc

    • Size

      8.4MB

    • MD5

      ddac2fcaa3fc8998891614c6034fc7e6

    • SHA1

      7b9a43ce7a280e384d076428de048b40b838b118

    • SHA256

      fa6133d851520d2eacd98ce154902d5f9baedd82da7bd38277325fc32fdccd38

    • SHA512

      e01f2ae1efcbfc8fe2e699e7b1be1d05360788d344f7f7c5ad0c337d43af6ce8805493fcbb1b6b5a3e642ffd4561aafea7475a00a7c3dd3a411bbd4bd0e039a2

    • SSDEEP

      196608:t1kG9tQuX0PoimJrLZU8ASNo3ElTFdeB:fdthEoimJrLZU803Eh

    Score
    1/10
    behavioral26

    • Target

      FL Studio 8 XXL Producer Edition v8.0.0 RC3 (plus Plugins)/FL Studio 8 XXL PE v8.0.0 RC3/Crack/FLEngine.dll

    • Size

      1.5MB

    • MD5

      8ad9427dd56bd35e6e9330069485c1a5

    • SHA1

      a09923369f796eea0d77e1026d991fe229f83733

    • SHA256

      e97ebac8cff281c364eb53e712fc7969bbd871043062c59b172fe2b89960a1b9

    • SHA512

      66eb7dd22dc4b53f2e2a2ef4f592cda54b7ba7cb55eaa73feb1c972d1a419c678cc0628c49d414878f0597dfa3a8ff5917873ba34393b51ec106f401cdb0922f

    • SSDEEP

      24576:GsFfQQXVTcdVbSn+kRqCyGvCoTrgE2Gu9mo6HazGQvO99sYFJzm7ZoQlvayXew9+:GtQXCbBkR3yTCrg5NCoGYO9FfzmeQgyu

    Score
    3/10
    behavioral27

    • Target

      FL Studio 8 XXL Producer Edition v8.0.0 RC3 (plus Plugins)/FL Studio 8 XXL PE v8.0.0 RC3/flstudio_8.0.exe

    • Size

      97.7MB

    • MD5

      9f4e91856dc59395498797636d19cefe

    • SHA1

      11361d47bfae16cd95c5892269e13b893866bd04

    • SHA256

      0aeb7709e681be290d4b4887fb12b2f87ac72b598f1f74a528c9f4975756b14a

    • SHA512

      64ed53c1e623e4f43bce0d45cd6ffa731c73e6e1795b4a98711435dfe862fdb9200f7ebf9c3a689dbd6f75a22477d999e5236722a9ccf7199879f63513f8d155

    • SSDEEP

      1572864:dN7LnrH36EsCd5jreuWgQSjzAu27HEnEOuhPvs+dX+G8W1vPKN4NXimvoIo3pTQ3:X77jzRDQ4cH7HPBhPvnlaW1qSloIK9Q3

    Score
    7/10

    • Loads dropped DLL

    behavioral28

    • Target

      FL Studio 8 XXL Producer Edition v8.0.0 RC3 (plus Plugins)/PoiZone v2.1.0/PoiZone_v2.1.0_Setup.exe

    • Size

      6.2MB

    • MD5

      c1e2b5b34d8038ecae66a7d7f8ed9cb1

    • SHA1

      4155ec9653e904ed668681dbc0ec3c8f2809e800

    • SHA256

      3dbe95bee60b73992f30d691fd7c683c65ca8f0f94db20a147bbe28a9ece6dfe

    • SHA512

      49a7b0e7db7c8e29dd41a1bad6aca99d1f6d7c18a097632cdd108c07bde2f69834072c45e9b7ba057ee053c335e435f1d64d1f81966745b0325f7ee711ef22e4

    • SSDEEP

      98304:iolaK5TR9qLSa+5vpYt3Ls3wqLNXM5nb1TISq1R2GbfOWoQs9QZDOOjKS:im5USaTw3wwMb1hqiW/oQsilOOj7

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral29

    • Target

      FL Studio 8 XXL Producer Edition v8.0.0 RC3 (plus Plugins)/Toxic Biohazard v1.0/TBH.1.0.pc.fli- Crack/Toxic Biohazard.dll

    • Size

      402KB

    • MD5

      497cf7189ce0cc157b243654769f4815

    • SHA1

      a3d721076e39cda78d4d2396184e28f51601f3cb

    • SHA256

      18620e4f1b92d05bcad93a6b76b6ed0b773d6bf5645e156a47744fa6bf8ac477

    • SHA512

      a99523900983c0e37f178ba65367f8d7eea58e3f38be0e1b240f925d04ff86c0969c1111a4efb707f3c58f709bc954aebae3b4d9239ac61b0d10a853bb9cc7ec

    • SSDEEP

      12288:GNkDu9vb25SnSfGu/JpnEhyqWPCZHBfFYtZw:kmu9zvSBpna3WPCVB9AZw

    Score
    3/10
    behavioral30

    • Target

      FL Studio 8 XXL Producer Edition v8.0.0 RC3 (plus Plugins)/Toxic Biohazard v1.0/TBH.1.0.pc.vsti- Crack/Toxic Biohazard.dll

    • Size

      403KB

    • MD5

      17337ad7537822f7c849e8d1b43be622

    • SHA1

      e0089259c6ce3409835ea141085b1398c86cdfec

    • SHA256

      2f354227986d58e8a7d31ad35b4704c2a4f7e306a10532b3dc92790d65a61088

    • SHA512

      cd83b399594f6aa2a2634a1ac03c074d5c65acf14c7261766ba7087da48d3e16e907fa960da5beb0db0e0ec55e6bd003756c765df601dc24d8a27351c1b1254c

    • SSDEEP

      6144:en301YKEBS2WBQdu7FxA8hwzlWbgWVQTHXpE1tlTU1msMLbX5/n+aCP0vdZhhL0c:enEyK0S2CXx4JWOT5mlT1dWPCZHBGbMH

    Score
    3/10
    behavioral31

    • Target

      FL Studio 8 XXL Producer Edition v8.0.0 RC3 (plus Plugins)/Toxic Biohazard v1.0/toxicbiohazard_install.exe

    • Size

      4.4MB

    • MD5

      0b7179d908a1cf8e45118a93dd8996d0

    • SHA1

      a21821b8c86b9c6ade6c0c087ecd3caa310ae838

    • SHA256

      99681280861f2dfacb01833bd4767ccc65ec1f2b80d712033d3a6853efcb6b8d

    • SHA512

      dd843ecfc7124d930929ff89cd9bf8b1a931ce2f1adcdc221a9c90bb9c471ba3860411f277bdc53ead64d86f87957ee28e8e225866993ee96674507faa9b77de

    • SSDEEP

      98304:iwTWp249CxkS1XHXDfhGyBnzjbgMdMmVxOWFwRQu1:iqkS13TfIyBnzjbgMdMsfu1

    Score
    7/10

    • Loads dropped DLL

    behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

1
T1497

Credential Access

Discovery

Query Registry

6
T1012

System Information Discovery

10
T1082

Virtualization/Sandbox Evasion

1
T1497

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

aspackv2
Score
7/10

behavioral1

Score
1/10

behavioral2

aspackv2discovery
Score
7/10

behavioral3

Score
3/10

behavioral4

Score
1/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
1/10

behavioral8

Score
3/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
3/10

behavioral12

Score
1/10

behavioral13

Score
3/10

behavioral14

Score
3/10

behavioral15

Score
3/10

behavioral16

Score
3/10

behavioral17

Score
3/10

behavioral18

Score
1/10

behavioral19

Score
3/10

behavioral20

Score
7/10

behavioral21

Score
1/10

behavioral22

Score
3/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

evasion
Score
7/10

behavioral26

Score
1/10

behavioral27

Score
3/10

behavioral28

Score
7/10

behavioral29

Score
7/10

behavioral30

Score
3/10

behavioral31

Score
3/10

behavioral32

Score
7/10