faf416a42199707bb6a33297ac7ba0102d82b65ef17db1064369dfc253d5be75

Analysis

max time kernel
85s
max time network
187s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
22-05-2024 20:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Sony Vegas Pro 18.0/Setup.exe
Size

693.2MB
MD5

1afd68147ac485753917930116210a40
SHA1

8c8deec48a8a7c3d4e5af8e26e8b3d09decad08b
SHA256

3988557312ceca76bee86e2df0c34f2cdc7b2dc370846ba8390ae1d36d61e900
SHA512

4cd02d60b7f30c7b5e08e312330342c124c9fb4cda01ba99e8d765a4040ee7832760a25c1d9e32a5e5a3a4521a4bd2c2a75a6b48395f32da1959f2117dadeacb
SSDEEP

12582912:bGbk9hNMUyBXnkRSuLBCF8WwX2VX0I/wY3jCMQRoMCb+RSGcYHqEtZF8:lM5XnVTSX2VX0I/fjCpob+RSGdx8

Score

1^/10

Malware Config

Signatures

Modifies Control Panel 7 IoCs

evasion

Processes:

Setup.exe

description	ioc	process
Set value (int)	\REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1001\Version = "4294967295"	Setup.exe
Key created	\REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1001	Setup.exe
Key created	\REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000\Control Panel\Microsoft Input Devices	Setup.exe
Key created	\REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000\Control Panel\Microsoft Input Devices\Mouse	Setup.exe
Key created	\REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000\Control Panel\Microsoft Input Devices\Mouse\Exceptions	Setup.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1001\Filename = "Setup.exe"	Setup.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1739856679-3467441365-73334005-1000\Control Panel\Microsoft Input Devices\Mouse\Exceptions\1001\Description = "Sony Application"	Setup.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

Setup.exe

pid process

3524 Setup.exe
3524 Setup.exe

pid	process
3524	Setup.exe
3524	Setup.exe

C:\Users\Admin\AppData\Local\Temp\Sony Vegas Pro 18.0\Setup.exe
"C:\Users\Admin\AppData\Local\Temp\Sony Vegas Pro 18.0\Setup.exe"
1⤵
- Modifies Control Panel
- Suspicious behavior: EnumeratesProcesses
PID:3524

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\SonyInstall_1\autorun.dat

Filesize
20B

MD5
1873c3760f642291c0530fedbc57a13a

SHA1
b18c0966fe4a872037c05a8c2ebf603ee1ff1af7

SHA256
1761fd6ae23db6e83ed04efb8cc9ca7c4c536e91043ac9004d443ac1eee0f533

SHA512
be1a24e15c73016a1423942e62f14a4307bd6b3136f75fa204a2ae886614de1a5a09cdcde9fd512e061b246d0e53233d040ca65e9f9739a27db27dba49416e1c

Download Submit
C:\Users\Admin\AppData\Local\Temp\SonyInstall_1\request.ini

Filesize
151B

MD5
fa9ff3978ffde13fec5f6cb8298e750f

SHA1
b7f9a156ad1c5ba3802e7b6e9d12575bb89530ad

SHA256
83b31db9d0fb7204373e94e64de5a0442bc951e8071ede45bbe3b548977adeb6

SHA512
de2a2a6d30d3cb3cdfcb57883c564a015ce5b784d1895f5fe0034e3b241b4a9f71a2d3492611dd31fd118c052f4190ed3e3f8cc59e606ab012e56a6aa6d1b6e9

Download Submit
C:\Users\Admin\AppData\Local\Temp\SonyInstall_1\sonyinstall_x64.dll

Filesize
3.0MB

MD5
6cbb63c002bf04a8489ea320421e01e6

SHA1
1a8d18fb070773427343e746374c8d36c568e8c1

SHA256
7a679410002709fc21bf9a5b56c1fd097a556eb31b71547e309f24b23a9d92fa

SHA512
8b62795b0a886d3fca1c050faf89237c0b364b703cbff9c8cbc377205b8cdea0321910e268862fd0cbb3d78b362ec59066cc3f125887a00d72a073cd328272ee

Download Submit
C:\Users\Admin\AppData\Local\Temp\SonyInstall_1\vegas180.msi

Filesize
2.8MB

MD5
94a59313dd9592b79b3b03888167bbd0

SHA1
02f36fc109ddf9fd86924e88938410ea6f7eab2f

SHA256
30e1409e709335647a191c2a6310a5dd8909183577b8dc55168bb8d20fa71068

SHA512
7934b07f2ac3e04594c1235ac4ce72a09cd55d053c23c0ca39b42987cf65f6d3028cb10530e3c8bfcafd1f80fbb452ca899dd545291d8162d06aacafd496d839

Download Submit
C:\Users\Admin\AppData\Local\Temp\SonyInstall_1\vegas180.udat

Filesize
604KB

MD5
e34227582523dd5d6450d2a48e742d79

SHA1
0e7ad3795405d5eb2122fde5f0fc66ce74e1c855

SHA256
883986d00df7669a1d573a76317f036521232b0ad80a1b5f9cefbbda788f8932

SHA512
cf1ae9fa909655e7a639e382006cefd35ed29805cfdc92d48beec484794f79933313f6c7b13070bb9300e5c7829a63266048b5fdeaf84cf27ea27640f673531c

Download Submit