51371a17013cda103dc3443ad80056a3dc5e6e270b4ea5df220800f42228808e

Sharing

Copy URL

Twitter E-mail

General

Target

Impact_cracked.rar
Size

22.3MB
Sample

240424-zfqlwshc85
MD5

0b799d2a5bf61579ecb8f18a4c027eec
SHA1

6889f2ec6e886a926f8633b4f41234d9a34fc601
SHA256

51371a17013cda103dc3443ad80056a3dc5e6e270b4ea5df220800f42228808e
SHA512

8ea43b9b33e309b238237f9dd7388ce05d91f69553a264608cbf1ad633898806cdb077f7f7c95781888ed3d3b531f5df89b0084d4043069c668ec97218df2272
SSDEEP

393216:WjRiz31BhiGgEgZgE2PMBg6N1VHUfD6Gb0gkpTmGYSOn2tf3PnRp5Sj0TacC91:W1sFBhETgE2Pk1V0f+Gb0gkp9YRoRpSB

Score

9^/10

Malware Config

Targets

- Target
  
  Impact Spoofer/Apple_Cleaner.exe
- Size
  
  3.3MB
- MD5
  
  ba268b881bccd2784fe98289eec8ad72
- SHA1
  
  0c4e7f1473fb7ab22427480c3d784b6e0e404956
- SHA256
  
  c83921c8dda800ef24ebe873ec175617110dc9deb2629d1107f219ca30caece3
- SHA512
  
  30c836bb91ef96f5952571bba27d08c32011e619890fae392f882e5c7db7558ed26e6aa1fbdc2ce7d22c0a6aebc580e17ae807de70d99945cb2b438bd8cbbb3b
- SSDEEP
  
  49152:98jzvhuGMsOTenal2tV594MzhJD3TMgwQiPRxksa2EQUFO0JIbn6/ubWYY725hXQ:9QFXlbnal2XDhZRwRVsE0JDoWYJPXLk
Score

9^/10

evasion themida trojan
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1
- Target
  
  Impact Spoofer/Fixer/Dll/msvcp140.dll
- Size
  
  576KB
- MD5
  
  7b92a6cb5d2cad407c457ab12d2b211d
- SHA1
  
  e04020b3448fc6084fa31b7f791f22ff15e31328
- SHA256
  
  3c6a772319fff3ee56d4cedbe332bb5c0c2f394714cf473c6cdf933754114784
- SHA512
  
  b28740c1aca4f0f60a9e4a9ab5a0561af774d977ab6d42a7eea70c9e560c77c50be5d9d869f05d0435e2923f4f600219335d22425807ab23cbbcda75442c4b42
- SSDEEP
  
  12288:RI88L4Wu4+oJ+xc39ax5Ms4ETs3rxSvYcRvbQEKZm+jWodEEVhQ:RD89rxZCQEKZm+jWodEEPQ
Score

1^/10
behavioral2
- Target
  
  Impact Spoofer/Fixer/Dll/vcruntime140.dll
- Size
  
  99KB
- MD5
  
  7a2b8cfcd543f6e4ebca43162b67d610
- SHA1
  
  c1c45a326249bf0ccd2be2fbd412f1a62fb67024
- SHA256
  
  7d7ca28235fba5603a7f40514a552ac7efaa67a5d5792bb06273916aa8565c5f
- SHA512
  
  e38304fb9c5af855c1134f542adf72cde159fab64385533eafa5bb6e374f19b5a29c0cb5516fc5da5c0b5ac47c2f6420792e0ac8ddff11e749832a7b7f3eb5c8
- SSDEEP
  
  1536:sC6b39cL/iRDhXq4GZLAy10i5XNC83tTPw98APXbxecbSQ25I4I/Cq:sVPphXq30yvXL5APbxecbSDu
Score

1^/10
behavioral3
- Target
  
  Impact Spoofer/Fixer/Dll/vcruntime140_1.dll
- Size
  
  43KB
- MD5
  
  3b22b2ec303b0721827dd768c87df6ed
- SHA1
  
  86f8af095cf7368ccbff2d0fd6d33586145acd2b
- SHA256
  
  3b792da47040c3b3e0804cdc5153eef4e802b6975963029d8dc360cb824a7b62
- SHA512
  
  79db774980ee132797f7e7dbc0e055b724d8fbf0e4917523b285f918730adfff81022cc6f5e15469b011d55501fd7b085bc070e9ecdfb75c05f4d6622a7f2475
- SSDEEP
  
  384:GRiuauREnUUWU55vZvS05fJjPg2h1RWmbzA+XfAXxy85xH0f9lWrGKWVQRpBj0HP:DJnUUV7xPg4RdPvv2DHkR+W+1CP
Score

1^/10
behavioral4
- Target
  
  Impact Spoofer/Fixer/MAC Changer.bat
- Size
  
  2KB
- MD5
  
  c4de3467146a7081c4af942053a38bce
- SHA1
  
  3869fec2ebf1bd24674bf64b20349cac35ac40bc
- SHA256
  
  d71aac2c7a84542a7db1e3c59c08f222225b4404efceb0719e8c2c35e54a83e7
- SHA512
  
  aed3cae41778d5bb9e61eca0e1f84e248bd501091776684b6a41ef6a8e7b5645e53e80696269c062a2011970bb13d5ac14d0ca374fd410f9911c68666a55ff00
Score

1^/10
behavioral5
- Target
  
  Impact Spoofer/Impact_fixed.exe
- Size
  
  6.1MB
- MD5
  
  f8164877a685b3ff1aa8a4c7292e699c
- SHA1
  
  279aba8c802d15f3507210b6bf702b678e30f5a3
- SHA256
  
  20ffe6d5ffeefecc28bef795ba84e3bb8339522e103c32705b0360f24051b12c
- SHA512
  
  f381a0789c50a89022acfc764766931ee43577637f6e11240ee6eade6a62f5e84a8c8b68fd2b240eddf184278693279e8a84a4863f2025f568e8acf0833d653c
- SSDEEP
  
  98304:IB38757d1xzB92ETr/SG/e6ML0kySVPziZ42xBTBcSn7JNXjEFsZg5:Gs7D1xH3/SG/KL0fSNmZ9xhBj7zzes6
Score

7^/10

vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral6
- Target
  
  x64/Beamer x64.exe
- Size
  
  59KB
- MD5
  
  67536b43240170484ee568f4cad51b0f
- SHA1
  
  086044453ad5fb1763b15ef834cbe056a493fef3
- SHA256
  
  30331e2bb723d497376036b467960b3435f0c625247740856123e35f33c8457f
- SHA512
  
  39883c317bfccceef4a662998cabdfd8ee9fe6299e8097e67080575ceb80e5e7cb445b79d2016998dc96138472ebfce9c5621ed73c81bb329dbce9e709eb0309
- SSDEEP
  
  768:NHnKOt1rJZhONUrMeJ5shJEHZGTYKaogXLKdSeEk672iRPS:NK+1rVONUwew7EH0zasdXEk672ixS
Score

1^/10
behavioral7
- Target
  
  x64/DeviceNameResolver.dll
- Size
  
  70KB
- MD5
  
  4a493025fc04b42ad6fe094d6171e8cd
- SHA1
  
  10fce3f7c7858f51070285a0c112a2601336913a
- SHA256
  
  b63354cf2bc3b7ffb5b679f78af7993d094561fd307f6ebc2a30c4db69f5b79d
- SHA512
  
  2e692ab41bdc813f9fb19b4ab335a5233f0881f9ba779a2056481e6e6fc9f5a31697ae3dabd599997c4f8a3553c5b7bf66f017abd03e1f7b93708a580fc6056d
- SSDEEP
  
  1536:ZZBMWi6zZbz0eZdTQIijtFe4TPRmoXuXOqH1N6Epldi:ZZBc6t/VZdTfixw4TPRXuXOqVN6uTi
Score

1^/10
behavioral8
- Target
  
  x64/GleeBug/TitanEngine.dll
- Size
  
  508KB
- MD5
  
  ffbc3470f138cc5b5b6712bf5ff49c5d
- SHA1
  
  062caea2ac841fd044476e99f9638f1c893d72ac
- SHA256
  
  0d2f0b369218e86f4ee8ae7f03295a01e3724d0b9e1393309c8dc02b279b6e3a
- SHA512
  
  830366239257b63765399191a3ff359b8867a3ea898b22a2d6d041478fdea728aaad615fb92591d4125b126b1a34e8a996f23c07e49c547b3d3642aa1a609acc
- SSDEEP
  
  12288:FMJvdbEO4DDvA6h71OposYujeps2A57Ft2K:Avd7v6h712osWK5JkK
Score

1^/10
behavioral9
- Target
  
  x64/LLVMDemangle.dll
- Size
  
  593KB
- MD5
  
  1228e59df447f4e6476546ae24638071
- SHA1
  
  7ec87e01e60f8f571684cc929fec414c224156e9
- SHA256
  
  8de391f11ceeafa007badf71b62560368f8c71623486ff1c2e4c5373fe482834
- SHA512
  
  acccedd27f10123e9f572d868fe11cd5d600b4f1a45a9e38fc263dd4d75cde022eb0d3c74fc3700148b4cfba7146c45d4591cda5fcbef8814427980658975c60
- SSDEEP
  
  12288:jo0iiwc1oIuS1jRPhvaIsUag9pbYggoFKQZELWpzizUqZX0aqlyT6kcrZ21ribar:niiwc1oIuS1jRPhvaIsUag9pbYggoFKj
Score

1^/10
behavioral10
- Target
  
  x64/Qt5Core.dll
- Size
  
  5.3MB
- MD5
  
  2f997eb6ba34065496cb088f1489aebb
- SHA1
  
  29fd1c8a3e71cfbc49c9f160dce2749cecaf0cb6
- SHA256
  
  7a4cb4ced60598ed0a4f31dfdc01a8019df5cca6cbbfd3ec7f629edd99db6007
- SHA512
  
  4b1fd309cae1205bd3eff3b48b21893a20211356779b29c9f7739bbe6eabfa3e83e256e8406aa0af0b223b1376ec139e9605a0451359c0cccd21d3360477c233
- SSDEEP
  
  98304:4WcwN5Gs2OJsv6tWKFdu9CwCGNcqCWHfUr:4WcwN5GspJsv6tWKFdu9CwLNcqCWHfA
Score

1^/10
behavioral11
- Target
  
  x64/Qt5Gui.dll
- Size
  
  5.7MB
- MD5
  
  0097fe1fdf80e2b515ab5ab2f6bad47c
- SHA1
  
  fce79b37dfc8b142dfd32c233c9ac9eec248bd6d
- SHA256
  
  3506bd2e291fe85a675d268e705f46dd0da7c274ec43dcb2330b8cee2b8c1d24
- SHA512
  
  cddb67a0d4bc60d7c26dfb4f03fbccc7d82ace7605b9d8fa20b46a970ffca134d5904303b91caa1e19b9c153a4b61ece3bde27095075dce344835e2cdbc531fc
- SSDEEP
  
  49152:08S02e0os7wJ/mpFdnTQWQNaRItxDfhPwcD2XB4/nHUWHNFSQDnxq2Nlnftvg32N:I0R0oetTbQQRIfD0Wt0szfbbmDQ
Score

1^/10
behavioral12
- Target
  
  x64/Qt5Network.dll
- Size
  
  1.0MB
- MD5
  
  911b28d088a35d3f56a23a63ee837dca
- SHA1
  
  c110efd1c33bd8ffc2062f92a95c8f915a8db6f7
- SHA256
  
  4708ed9604e731f3b7b9b1fd774f3962a80bdf36a1845a3bb7684e8507eb0be0
- SHA512
  
  f645cfee2c5a348f01b1aa0ff3b7a039dd47117c86390b7d5fedf253ffaac1894edc36949b29776a0ab24680d022ad468d9468fe9e470d05f7178a5e9ac8df6a
- SSDEEP
  
  12288:EPxv9zVdSzSJEc8tEQtd4Qie3hp1e2WO9MeuSVOHQhERYqWSrvuYjxt2+w7RHstz:ilSzi8tEQ7+e3hp1e2WOeXnrJS+w72Tp
Score

1^/10
behavioral13
- Target
  
  x64/Qt5Svg.dll
- Size
  
  312KB
- MD5
  
  b2c941e7a8b23664b36c70a655acd958
- SHA1
  
  3fb796251fec2ed2b2bc9c87008361992616e945
- SHA256
  
  78a031f1a8254e20c3e63357a2a87f8f6f2ba807e8edd74df6c2539b019ec309
- SHA512
  
  bfea52e55261f1fbfc9b6c8c5bde587dc0fcc29dbda5a4cb05bd30fb3ebc8ad024cf75cb9bffb04b5f8228c17adb1fa1cc1023178297f6a3efbfaf3a86a37edc
- SSDEEP
  
  6144:H3y2oiXfFHV8tz1mhiWl8b5rBQ6+Soi/7IOxlBWLtYH7OAqjt2O:HtpPFHV8tz1mh9l8bc2O
Score

1^/10
behavioral14
- Target
  
  x64/Qt5Widgets.dll
- Size
  
  5.3MB
- MD5
  
  82a8cd1f9b519d1aa8e6ad779c9e5c4f
- SHA1
  
  536da03f5389ea83009436a3197ec860ac6f0448
- SHA256
  
  6fbc262e506dc957dfdf72852cfc3b2c8b7850ec5eef4dc30f9fc9e066a8b911
- SHA512
  
  a7f178291f65edc4d4de2dddba624dc1b0c51c1b45ed92c0c35d5b3ecb496a0b8308fc1244b8846991d7580a684a9dadda1aab6f04bf4cac13ddc0cd2be31429
- SSDEEP
  
  98304:JpxOayP48Lqfk8bNbqDu3mn/cbF3EmFRRp/Y5HOWLG9N/PyaB6qCcz3O4IIWsDeH:JpxOayP48LqfkcbqDu3mn/cbF3EmFRRk
Score

1^/10
behavioral15
- Target
  
  x64/Qt5WinExtras.dll
- Size
  
  284KB
- MD5
  
  de7154814975f02e171f637f8222f8b1
- SHA1
  
  33198b358078341748ce5ea01ed8caf85501e0ce
- SHA256
  
  8dc1c6ad37a164639ef75093d8a0179f6f8efdf1a22877c59bac745968738e6d
- SHA512
  
  dde3c8e0fa96627dfe9ffe1067a9afacde3a69fc7ddc43d5823d091e4c449182b4c90a3fe7823f8480d889da2ae72a835b088ead54e135a197e5ad63efd4f4cf
- SSDEEP
  
  3072:GPadV1w6w69V3Zc9olfcTvOprcbfZ21IcOAiDNHjIEk22P:T1w6wQ3ZOolkTvDfZ21IcOAiZHEt26
Score

1^/10
behavioral16
- Target
  
  x64/Scylla.dll
- Size
  
  535KB
- MD5
  
  5e493745859db75bb4753cc2726d1956
- SHA1
  
  e2d9382a917374374b667513ca331fb63ee04985
- SHA256
  
  f0c2702ebc37ba355c9db71b810c6228b5d62369cb2fdf47bdff8f6b03a1a964
- SHA512
  
  afdaf46798f9658155dd8a4fc3b91ffc4db1e2cc1a179271d1623632ffda58be81e30ac1919af5fe7527cf154c73a7f4c703a273c763945add939a409b6c6c37
- SSDEEP
  
  6144:9fo6NZmPPlRY9E22D5ubY2Es19Dof77jYXTjKJDslXEn52IbDbaFB1eOkER7qHW+:9wZlR122D6t1loceeIbfacOfC
Score

1^/10
behavioral17
- Target
  
  x64/StaticEngine/TitanEngine.dll
- Size
  
  148KB
- MD5
  
  ba6b9cb7697b376941c3d6f59d0b877e
- SHA1
  
  fe8d57daf2558f0c2c4eefeb41ca33852ad45188
- SHA256
  
  97562ae24c1e05a10bffee17d42380e041c6c1e7a6745bcdc6c1c694471975e8
- SHA512
  
  77bde9e090b5574150fa06f7879877742114bfa01ab1d9f47fe231a8d95d3b6587be3886f6f2d10fb74fde41e4476d87f9c29b210ea91039f4e06a2081c5ed7d
- SSDEEP
  
  3072:b4OdSMIPSHd8imWlgH4Ew7H05qAj6jkA7JQWx/6U57ATgvlvGSFTu6s:b4+SMeSHd8imWWWu6jF7iy7VtS
Score

1^/10
behavioral18
- Target
  
  x64/TitanEngine.dll
- Size
  
  626KB
- MD5
  
  c151c851289a78d87f1032387ec6348a
- SHA1
  
  94f05d9f8ccc8cd33f3c37b72ca7825d707cd8a9
- SHA256
  
  6a82dc49f8bd5c30fd368c2c9616588ca68cfd6f0dd8bba526c927bfbd4ded90
- SHA512
  
  8f518fa03af48214c65f7a256657a29f2edac25be0e25c47b14ca557e52746e6dcb5fa80be94c8dd5e0691b66e76381adffd748229820485e340bfdbeb7ad48f
- SSDEEP
  
  12288:2GT+xKJdWu/doJ3kGRzPzD93Djzfvn4EhViA57Flb2p:2GKQJoT3kGRDzD9Tjz/F/X5Jlyp
Score

1^/10
behavioral19
- Target
  
  x64/XEDParse.dll
- Size
  
  1.4MB
- MD5
  
  e82079a897fd57748fc81e77b5756e65
- SHA1
  
  6204f217f4986be91d48552bcd4aa1b772b1832c
- SHA256
  
  1d339e41ca9d5337b410feec1ca808a7ad8b0af2cb6827cfe581cacbe04ba376
- SHA512
  
  8a0268858459d149148a0941866a90bc7fb2a8e4761f35f3fbca3a4d90a438f89bfcd71c3d35bfb62c95d1e1391b23ab32421e88573815c81293e166cdcfd956
- SSDEEP
  
  24576:tpoHrP3dUN26xvJ9TkdQbgbBO1uGaWAXIcbsYV1tM8o+gxUOKPCI:btI1O8o+gxTI
Score

1^/10
behavioral20
- Target
  
  x64/asmjit.dll
- Size
  
  248KB
- MD5
  
  8c2081d6e46cea8925eaaa5b6b81f46a
- SHA1
  
  ded5e3b4f60e193acd3a4af9b605430040f80e17
- SHA256
  
  746603fa6ed86d3e3885b2bd5c79692b6ba8429bf95961f4dda3da4749fb13cf
- SHA512
  
  94267b63d83222f2cde0e2bb853194ed43fa1fea7d17b0dcdd509d3312f98af7469a8e14da7dca68b6d2211b0f84ee3e47778ce7a0268ddba2db623999f27c65
- SSDEEP
  
  6144:cAgk25K4n3kMhx3urx9RQdTlufUXcgE1upHdltqc:cAgk25t3kMjerel
Score

1^/10
behavioral21
- Target
  
  x64/dbghelp.dll
- Size
  
  1.4MB
- MD5
  
  e9f0405aa557d9db4352c3473122905f
- SHA1
  
  b87740872aba806e4c3030e3baad9e5909ec33dd
- SHA256
  
  507262cb88b8ebc64a79451c49cd3b59eab97f4b81d265b51d6ccba487ba8301
- SHA512
  
  df38fb203b2f30a95d97f0b74321e04eb7f5eaa8d27428d3fe33fb40537902538758e6a04cc592c3d76ee2bfba54736457e493b60caa9285e115b5d732a77919
- SSDEEP
  
  24576:pp8iMrylctFcscX1ZxgCf0a+hGxSUwqK6Zq3OUkcgp0O0:L8UzHXT0a+hGxSUs3OUVyO
Score

1^/10
behavioral22
- Target
  
  x64/iconengines/qsvgicon.dll
- Size
  
  45KB
- MD5
  
  24043267d4395f646055c422d8ff1ce8
- SHA1
  
  4827a8b2b51dd7c0c52a0248740d22cd688b71d8
- SHA256
  
  b84e5e02ef6e91848a0d8033965325a988981077ca18edf9abaacc391a128a84
- SHA512
  
  a9e0c2d611d670a4fbba145753a77f1ff8aac3c1e6c9ad829117b2472c9197f57ff0e0e0a80f29e5eaf77ebf416196a55ce834a14895f02725f216270f2fa63c
- SSDEEP
  
  768:9jlFBm47PBWdUL0gqn3V/iNZ++njNe+jazbtXG7tAqOAEfHWrGEk672iRP7:FlFBm47lQgqF/0jnjazhG7tAqOAEerGE
Score

1^/10
behavioral23
- Target
  
  x64/imageformats/qgif.dll
- Size
  
  38KB
- MD5
  
  506a7c157ca05b5478b513b6b52f7b71
- SHA1
  
  54d5d132a7aaa857d33c0e118a56283a862be84a
- SHA256
  
  c2fce71c35bd6e22e2ea3a7e0554fe9a726f55d7027bcdbe587fab8983c3e421
- SHA512
  
  d4207de7eb2fff4f305209a3f4e51190eb6d2168a333dfaafe5cf00ffd838a0f6d324d3db50a35e696cd1dec4bce593201155ce231270679a15f0deaaaa1a42e
- SSDEEP
  
  768:/9xoE7ZP1tn1LjJkA6ZwLlm8OAbGTVEk672iRPz:/9LP9LjqwLlm8OAbSVEk672ixz
Score

1^/10
behavioral24
- Target
  
  x64/imageformats/qicns.dll
- Size
  
  45KB
- MD5
  
  f33b24d2e545afe46385879a57f8dbc7
- SHA1
  
  0ae0880f9ac8f5c2c2c1064479b20f88e280101d
- SHA256
  
  0a0f36c046fff544e335a0d0d80a2c36ac6064f474793426172899fe85d3e91d
- SHA512
  
  069ff4d9acd3adf9eed58bc210d758b5c35d8e34bdf2305cb8514593be3c3b41ece216895dbed3f986bebaf3839b7c5efb5f4f02e8b4999c75e6d4595d910ad8
- SSDEEP
  
  768:DAvq1sXHz4BTHDrRt8FbWOAvJb5M/Ek672iRPtK:cwZJiFKOAvJb5M/Ek672ixM
Score

1^/10
behavioral25
- Target
  
  x64/imageformats/qico.dll
- Size
  
  39KB
- MD5
  
  e16542376c59af7240393f39ee36781a
- SHA1
  
  cf35dd7d08bc091d8a48cfd46f1b0eb9f14ff5fb
- SHA256
  
  98aa16bc5192ec26ba1ba6b290acd984d50732a91e563eaa1016bcf923643f7e
- SHA512
  
  96482eef825dada740e5cbf67d69125f7f038a93b75f76027a8f7af71156b0b9f0b5fd83c9138c1b40a5ecfdc2719c1349a29cd5a9240189b884d167b8511adb
- SSDEEP
  
  768:64bnXHGamyEa0K78cgb2v95iBO39FNGXOusyNGzEk672iRPsT:3wyAEt95CO39FNGXOusGGzEk672ixi
Score

1^/10
behavioral26
- Target
  
  x64/imageformats/qjpeg.dll
- Size
  
  240KB
- MD5
  
  e082093ac545273490e3dcd92116b8e1
- SHA1
  
  c97a9e505482cd655bcc485ce3230a1649c7df28
- SHA256
  
  1a0d4ded8487a727b27dff67ef2f3794d40e1bab2e4d42b8250cc1e8525f5faa
- SHA512
  
  cf28e70d29230eb82229db372781429ab1c3cd9f1ed9a577c12641155484c12e6052cc3061ddf3ebd970bd84768b157dcd71ca41113102259d5fa2a0b94fdc60
- SSDEEP
  
  6144:VIBDQKXZn5Pm3HOl5rBUGc2n+kLo+zamhB4zSQxpdhq7EIcmeOARInt2A:CV5PgOjrBpcgLoeRh9pt2A
Score

1^/10
behavioral27
- Target
  
  x64/imageformats/qsvg.dll
- Size
  
  32KB
- MD5
  
  db0ea846f201e4eb446160d18e80fa3a
- SHA1
  
  0f3075f63b70cf02297c9f22ad1896bfc996eac4
- SHA256
  
  0548ef18dec7ee2d6d2ff51cd0e78136f9f6002fa389158df2ac841425201ec5
- SHA512
  
  81bcccf2d8be8857cdeb524b616175f3c707a7340b1b0753db1fa800b7d01c0e2fd66d32ad48f5935bb6f2c0cdb4eb1c64dc54e18d65391001a9ffd0492dcb38
- SSDEEP
  
  384:S57lIB/TGBHAXtK3yI7pJ355aCIjpQf+7gj1CP76yQUOusj18dSupwKNsEkhs7Li:Q7jlB7pJJkWmeSWyROui18kEk672iRPe
Score

1^/10
behavioral28
- Target
  
  x64/imageformats/qtga.dll
- Size
  
  31KB
- MD5
  
  c179cb633c05651ff0cdec84cdd71b5a
- SHA1
  
  cd9510003824b3ed2257770a86ad5f2c29f6e676
- SHA256
  
  37d36178f5c4e0bc546e05951c4da799ca21fa82690c0fdef1f1761703fd1b66
- SHA512
  
  37ee1faaea5297d3a77ce259ec14dc528c901f59f427bb448333f5bd6298eb21958f918d1846f147968c1695fef09886453d6a741886d9e4a8b87bf7053200cb
- SSDEEP
  
  384:YlsO/nXWx2Qj6PaGqHi4x051QZl0A+RwNivq4PlmOAswoA6dpwKNsEkhs7Lq8Zpj:e34xQ1ZAHqqqmOAVomEk672iRP6c
Score

1^/10
behavioral29
- Target
  
  x64/imageformats/qtiff.dll
- Size
  
  355KB
- MD5
  
  f860955e157bbc2972d9804486c54bd9
- SHA1
  
  40b9340cd934046b944c7ec1abf19a355f082892
- SHA256
  
  b9a79722472ffaa7a8e3025254fcd053ee1193ffd59353d8e9f28de99ffe7ed4
- SHA512
  
  3e4731196932f93955895b2eccae29b18a6d90eee1f8dbb4a1044cf833afab69ffced1f4f673cefdd7689d4f40ad81acd642944cda01811bbbb892c70e4379b5
- SSDEEP
  
  6144:U3S7Rc/frOvQod55Dopr37gPEO3OuosuEQt2S:UiFc/frHojBopLM+72S
Score

1^/10
behavioral30
- Target
  
  x64/imageformats/qwbmp.dll
- Size
  
  30KB
- MD5
  
  54b60b85caa948565c05a9a72861b83f
- SHA1
  
  04e233d466a7ccbd2e6d465600a5fe491bcc5cdf
- SHA256
  
  3ffa4adc5b5d9aab693f845f53b99774b7daec78c1aefc525b07bf794ac596c7
- SHA512
  
  3f56e60cb00b1725befc00e308c40f2b73b6eb57c34fe5ef6bf85e8a097ba657b3ec10fde8729b65956afca17ff2553e974aaae67888d91b30f3c2fcc2a6d4d1
- SSDEEP
  
  768:W7vAMyTgFtx3LFBqPOAjOVKYEk672iRPt:mn7JYPOAjOIYEk672ixt
Score

1^/10
behavioral31
- Target
  
  x64/imageformats/qwebp.dll
- Size
  
  376KB
- MD5
  
  88edbbdcc58a34b91303be7433c94aea
- SHA1
  
  c9e6d84b9806812126f723bca3396f6e55cdd3ad
- SHA256
  
  5a9beec614fa7195a568d82f3f892092832f15bc3240a7805f33b54b21a68cd2
- SHA512
  
  41bf249f22b0bfe29a02629fe42d53a8436fa4cabf7e452bfa1639826ebd7333a80f14c1ab1fa4dc1ff2dd81f775aa23888b77ad98272de93a80638401a6369f
- SSDEEP
  
  6144:Ei4aChw8K+NxRgHEGoNAmk6IPcJF7w6MxY8S+qOu1m41It2K:EiAw8K+gOdk6IPcJF7wB2K
Score

1^/10
behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1497

Credential Access

Discovery

Query Registry

T1012

Virtualization/Sandbox Evasion

T1497

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry

Themida packer

Checks whether UAC is enabled

Suspicious use of NtSetInformationThreadHideFromDebugger

VMProtect packed file

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32