General

  • Target

    Microsoft.HEVCVideoExtension_2.0.60961.0_neutral_~_8wekyb3d8bbwe.AppxBundle

  • Size

    9.1MB

  • Sample

    240507-3ybggafc6w

  • MD5

    95ce7bb8047d8fac34eb1547252c930c

  • SHA1

    3e66de064adc472db301f53da7c5ceedcbf22b45

  • SHA256

    7c557473a79c65d22f6af14738043e415755f0ff67cd03c65eeb32287e20fcd7

  • SHA512

    f38c30f7ef9b488c151d55b5f8db27a093c1ff1df96d1bde2c02bb8ae687b2d13c82dd8116c9fad0d93d02a619e73152571d574724f3b90532144628019d3d45

  • SSDEEP

    196608:VX/kBvbBtBMZ1JvAvXlUgwX4uwbW64q7qvAvXlUgw074SbW66q7dbW69Eq7rh:w7BGbvAPu1GovAPuC3t1

Score
8/10

Targets

    • Target

      Microsoft.HEVCVideoExtension_8wekyb3d8bbwe.arm64.appx

    • Size

      4.8MB

    • MD5

      8d2d3343e89fe35d2b46a71924b864ac

    • SHA1

      d70065cbc9616b58a8b59a2666e611855713e673

    • SHA256

      c1e75229df1748be073ace33e3c89f3312c3f026d46264064a0dfe64e9309046

    • SHA512

      d7ac93340b8eb62b1b3f5d5ce4173701596e38ab324c483672aaabd939978e8e77cdbc6710cd4f22a68499bc7cdf83522bc03f09af5132a055f608aad95cfc8b

    • SSDEEP

      98304:lcA7bHEeYsivbBtQEXv3MZoiRbtZvAppwoXnllmgtGXfQuQ8HGbW6opfi7J7iA0O:lX/kBvbBtBMZ1JvAvXlUgwX4uwbW64qP

    Score
    1/10

    • Target

      Microsoft.HEVCVideoExtension_8wekyb3d8bbwe.x64.appx

    • Size

      2.8MB

    • MD5

      8062f8c41ab2483afadd598023149e2e

    • SHA1

      1c48d07e224bfba32cd647a9f7e638fd95297ee3

    • SHA256

      9f72f2e53d9c388d9ad56bd68a6738cc453db7924df17998857f0c9a1e24ed7a

    • SHA512

      28939368223d4c0d6386f147b53a2c59cf4fff131c77908d2d672b1b3b5f852bda8b025bfc2c989973659860fc332ebb1ad4c93f54bb79ea372d0447e71f78f7

    • SSDEEP

      49152:Vw8XvAppwIhXnllmy9ptFQ0DvfO5yzcmNHcHGbWzzmfm19i7J7iACan:Vw8XvAppwoXnllmgtG07fQ6cK8HGbW6j

    Score
    8/10

    • Modifies Installed Components in the registry

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Target

      Microsoft.HEVCVideoExtension_8wekyb3d8bbwe.x86.appx

    • Size

      1.5MB

    • MD5

      d569d89cf44dcc3f75af4b1ea9014e5d

    • SHA1

      a1f93a63e67063d43a1b6c5b2c28771b4ddfc999

    • SHA256

      4bffdd5412603ad7ab14f6ba9c9c25f9fa57f79767d0fe151c2b6c91e20fdb70

    • SHA512

      ffe0aa9ff77db2b6bdf25afbd2e1d3e1fcb24ac7c8b6a4944bb6f902df79618ad5153ddb86ecd6bff87a903549d62321884c92da7e173b60eab8aa29cfb563f6

    • SSDEEP

      24576:qbievlY+HTY45CzJZvGbWzzSSm8tqfcnRNqk2vz8WN4fVTvK7fuk7iAxXpda4:XetNHcHGbWzzmf/k2g19i7J7iA3

    Score
    1/10
