e513658df9b96c8a30dfa822752035830d1e77fe643dc6ca41650b3120f440d3

Sharing

Copy URL

Twitter E-mail

General

Target

MAGIX.Vegas.20.0.411.rar
Size

291.1MB
Sample

240611-skcgha1hrn
MD5

d07d1a8247e07491f2bfccd1843fc547
SHA1

3ff38b35be95937913690f39ccd103c4841e21fe
SHA256

e513658df9b96c8a30dfa822752035830d1e77fe643dc6ca41650b3120f440d3
SHA512

1a07cfa1efcde31fcc1abc31713b830c30bc5435c7764ef4f84e398264af54ccc492ecc01a249b5024b380a0ff7f59a607eb2ca1045ad25cb08ccb31ce76cfa1
SSDEEP

6291456:dtlFtPM4W4mQUPSmRZ/KB+h/PwAWB/I2UCmqBHLDrCIUXnBmYk6Lvl:Vzk4QBjZ/KM3wvfUxqdLXJUXIYk6h

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  MAGIX.Vegas.20.0.411/LNG/CN.reg
- Size
  
  1KB
- MD5
  
  14203a6b1ef0e9f17e85c3522897b803
- SHA1
  
  5ad4e53642c5a1a37a1e8166d73e357d788c6f1d
- SHA256
  
  8911e21a8c7be1d91c8918aabe99c0a936f97e348fd519440e7ec9c517a97aae
- SHA512
  
  edd91a3bb940147758df5feaf878c41c87f0db8dd2cb06eab1d7d0e2e63b5b9578899c093351d0947c9de87265204f1e0317612318e8e787ca159180aa34b228
Score

1^/10
behavioral1
- Target
  
  MAGIX.Vegas.20.0.411/LNG/DE.reg
- Size
  
  1KB
- MD5
  
  b2a9feb3445a928bf394576661cca58d
- SHA1
  
  0064346e5341736be3088b40c75caf8cc68dd7f0
- SHA256
  
  e6b87a52eeade7c74b823adcc74d339c4e85fed5d21805318bcf242f95960854
- SHA512
  
  e7f5b9d6ee26ad7ea4b1aad2400035f431adeb943f2610174e2d05e9f4dab26d4ae8a02431dad63390e97da17ae9d3a60afa872c5c6b4bbe0928ba150843ab13
Score

1^/10
behavioral2
- Target
  
  MAGIX.Vegas.20.0.411/LNG/EN.reg
- Size
  
  1KB
- MD5
  
  8f7d875f536e714b2c1ae1276e50f89e
- SHA1
  
  dcd955e6f073182ed99381044e32ce42f4ae168c
- SHA256
  
  67fa1ced13392e8a62fe7cfbf424fda1fefd141dda112e04eae57dd522c6cab6
- SHA512
  
  f438b6c6cd2ddc776597205a798d3a86f3c1699d87f9873709c1f242ddeb8fa7fe0c0ad77e540915dc06ca86f80a4cc2e4c833f46b168595c25262c5e8213610
Score

1^/10
behavioral3
- Target
  
  MAGIX.Vegas.20.0.411/LNG/FR.reg
- Size
  
  1KB
- MD5
  
  a7b9cdb74d62c17cde713598ae476d9f
- SHA1
  
  7b621012edbe6d201071f93105ebd023b08b8c69
- SHA256
  
  0b178b9c5b118e6e09a1378d151a4f3a68081429366ef6845a6498ad8bee0fc6
- SHA512
  
  2a0f482c352e4f255b8422dd7516d2da00dbfc1ef4ce9a9e4d1688f67f8e212c417f97625d5baf05bb0ce01f3ab26144599684a1b26fd89d75c7a2b7004dfbf5
Score

1^/10
behavioral4
- Target
  
  MAGIX.Vegas.20.0.411/LNG/JA.reg
- Size
  
  1KB
- MD5
  
  8a0da62c3a4bda8f3c2836f3d3b3d56a
- SHA1
  
  6657a35f88ce890f323f23ab70a8e55584d0974f
- SHA256
  
  bc1d41d4216fd0b1c79083f8afd0cb8347443a758dc7d0586f34d6314d97222c
- SHA512
  
  ccf59022db5da8daedc3be91b6d2b1f9387353934a06cda8cbbb87dc6e78c609adb60f26f334212eaf91f0144a7a43f33b9fceaa4506098b7d27735f311f029c
Score

1^/10
behavioral5
- Target
  
  MAGIX.Vegas.20.0.411/LNG/KO.reg
- Size
  
  1KB
- MD5
  
  275166309bdd1dd18611d1fd9c4aa430
- SHA1
  
  b8e89b06c69006590263f944196a6b7d85680901
- SHA256
  
  776ccb34ec7bb8e0860ad40c089cc09686c2c89d9a8464f0f400247b065cbc00
- SHA512
  
  304098dde635bb0997cdde422112c24ec0f347f8458f345002fc29c18f92d7950979b2b77f3c23c1f2742e7467095ec2a29155b27de7f3abb6487b587c475ace
Score

1^/10
behavioral6
- Target
  
  MAGIX.Vegas.20.0.411/LNG/PL.reg
- Size
  
  1KB
- MD5
  
  20c740671b6e7b54187b44399c57d9f3
- SHA1
  
  e53750dfd24cff078b2dfac7bfa5a0b99f317640
- SHA256
  
  52973b6d91c01c9c54b558e572d98898d79255084f872addd7ef3f63f347566e
- SHA512
  
  e50712083463c9167bedca919a719f140b285f457db422d1b5ee78ef38749b1c64fb1a49c164cb9b9e7c26083ee4029099296d6eb279c67f85c48a4b1990ddf3
Score

1^/10
behavioral7
- Target
  
  MAGIX.Vegas.20.0.411/LNG/PT.reg
- Size
  
  1KB
- MD5
  
  387bff283babeba28667a3d92f96f924
- SHA1
  
  3ab288b996f8ba57efb8bcd8d92ddd6bb34ea06d
- SHA256
  
  049006b80ac1dd32fd0fbb3785053483837ff53a0fcd02ec952791b49b9a14a6
- SHA512
  
  ab9b4486fa209aa4417e38e5c2b526a8c563b852c9903f3d51613a8a69e04e2908200b0caee1fbac17abb8ffd78aa4cdbf4b731d33b54025fcd6e7e4b1664f10
Score

1^/10
behavioral8
- Target
  
  MAGIX.Vegas.20.0.411/LNG/RU.reg
- Size
  
  1KB
- MD5
  
  ba57b93f3c9ca4ac9b7fdb5796f7da77
- SHA1
  
  d4019d9fa9966c005a030bd6e500404b0502019f
- SHA256
  
  8a2602ab2ad7017834e1676b474089ac2c9066f63494b994cd72b2784a1f9f37
- SHA512
  
  35f04004bcad639232f069c1ef3725b0883ae09a90a9596d9bbcfdaf4f843645b3b62bab60774feca23cbdf687fa3fde44428766cd4d3180cc8584c64d991afd
Score

1^/10
behavioral9
- Target
  
  MAGIX.Vegas.20.0.411/LNG/SP.reg
- Size
  
  1KB
- MD5
  
  fb4e5148d81e049a8e18476bf255424c
- SHA1
  
  bf63930b6fec848aa755e0a85966036ab4d3a36d
- SHA256
  
  677bfd4b9ab17f91b023e7726a9f2c42899bf5df2033aec2b279882041b11023
- SHA512
  
  d26b173af01b7e025288ec9d4c1239873f0a9e2b04e70329a1b0078af36c4583ad2abec42ab342c13308a19956663b1ae5341e6f67379155b08e09b3dcd4ac2a
Score

1^/10
behavioral10
- Target
  
  MAGIX.Vegas.20.0.411/MAGIX Vegas 20.0.411.exe
- Size
  
  290.4MB
- MD5
  
  8622ee90b19fdb3c04234d55e17844bd
- SHA1
  
  4fc63affa302cb432df0015f6286928cd08903cf
- SHA256
  
  c65c0d2f9ef496d1f551f9f36e2e3ff14af71cac6b0e46fcfacb9dcdecc453a2
- SHA512
  
  623efd9b55389d0ffc713b00c0ae8b0910e50fce8a72a444e2af75041376e0ac4358b35e76aaffd6dc6932bebb2d47373d42592adcddd9363b3dbac23814ec96
- SSDEEP
  
  6291456:UkWGE/bxgO+cvg/Dbn5wUIzVR/bednZIb3fx6xtrc2Ha/6MIZULCqFGUytE/8:Ukmicg7bnOVlqkb3fx6xtrd+UZWCqn5E
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral11
- Target
  
  MAGIX.Vegas.20.0.411/_Silent Install.cmd
- Size
  
  1KB
- MD5
  
  6e86df7036b91793912f8b47d5895e72
- SHA1
  
  77810cd5d504f24e039fcf9bba4d90d18a663e1a
- SHA256
  
  0480acbf7c5c93d251ac407ced3a453a6e58e0491a5da67077bc3c3787e5d2c6
- SHA512
  
  4d6661373b3d9d699cbba7337c3d9ba03b8759af1ceac85de01085c4e2e58eb8f1ec897125630a93c2c21532834f3b62b23a015b04ca83d2ceacc9cec9708ce1
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral12
- Target
  
  MAGIX.Vegas.20.0.411/Ключ ЧИТАТЬ ПЕРЕД УСТАНОВКОЙ!.txt
- Size
  
  972B
- MD5
  
  00a91a78d20ade89629119b259503df6
- SHA1
  
  a00e2d7e0f4e6c9b6f418abf29cb4d70ba7b1229
- SHA256
  
  7a137444eec98ebffd59daf8d6032f52c70b60cf0b72f00c0ba32bbe5f8141e5
- SHA512
  
  ff294d8a24c7edba170d02b8d4d384d93b15219898c8adefc74e53164b6d2509542f4799bb67de4baa6e941e1540f77d7133b5b7f247b40a71b49750d2d3f0a0
Score

3^/10
behavioral13

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Registers COM server for autorun

Enumerates connected drives

Drops file in System32 directory

Suspicious use of NtSetInformationThreadHideFromDebugger

Executes dropped EXE

Loads dropped DLL

Registers COM server for autorun

Enumerates connected drives

Drops file in System32 directory

Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13