Overview: score 7/10
Static: score 3/10
Vanta-Loader.exe (windows11-21h2-x64): score 7/10
$PLUGINSDI...ls.dll (windows11-21h2-x64): score 3/10
$PLUGINSDI...em.dll (windows11-21h2-x64): score 3/10
$PLUGINSDIR/app-64.7z (windows11-21h2-x64): score 3/10
LICENSE.electron.txt (windows11-21h2-x64): score 3/10
chrome_100...nt.pak (windows11-21h2-x64): score 3/10
chrome_200...nt.pak (windows11-21h2-x64): score 3/10
icudtl.dat (windows11-21h2-x64): score 3/10
locales/af.pak (windows11-21h2-x64): score 3/10
locales/am.pak (windows11-21h2-x64): score 3/10
locales/ar.pak (windows11-21h2-x64): score 3/10
locales/bg.pak (windows11-21h2-x64): score 3/10
locales/bn.pak (windows11-21h2-x64): score 3/10
locales/ca.pak (windows11-21h2-x64): score 3/10
locales/cs.pak (windows11-21h2-x64): score 3/10
locales/da.pak (windows11-21h2-x64): score 3/10
locales/de.pak (windows11-21h2-x64): score 3/10
locales/el.pak (windows11-21h2-x64): score 3/10
locales/en-GB.pak (windows11-21h2-x64): score 3/10
locales/en-US.pak (windows11-21h2-x64): score 3/10
locales/es-419.pak (windows11-21h2-x64): score 3/10
locales/es.pak (windows11-21h2-x64): score 3/10
locales/et.pak (windows11-21h2-x64): score 3/10
locales/fa.pak (windows11-21h2-x64): score 3/10
locales/fi.pak (windows11-21h2-x64): score 3/10
locales/fil.pak (windows11-21h2-x64): score 3/10
locales/fr.pak (windows11-21h2-x64): score 3/10
resources/elevate.exe (windows11-21h2-x64): score 1/10
runtimebroker.exe (windows11-21h2-x64): score 7/10
vk_swiftshader.dll (windows11-21h2-x64): score 1/10
vulkan-1.dll (windows11-21h2-x64): score 1/10
$PLUGINSDI...7z.dll (windows11-21h2-x64): score 3/10
General
-
Target
Vanta-Loader.exe
-
Size
72.2MB
-
Sample
240613-cfdk1azhkb
-
MD5
cbc96bb56765ea90e86266ee5792815a
-
SHA1
c0ad03bafdc87b967adde6112ec123b2365d4fcc
-
SHA256
fe3e8b0fb23d7889d8e1cf58ddec37d255393ccfb6017f27032604e53aa1b3c8
-
SHA512
f4a587236f0154c9ad77670dbe22a1e406eb5af217584c847793c23b4ff3c65dbe94e2b34ac4f436a09743fd7a5ea949d668290fc175acf6a094a08259656e72
-
SSDEEP
1572864:NQEzy1VcNa4ukneNnsxhf4nogX4dwLkJKFb7Qxro/BAO82FaRNF27:2EqVnknMc6ogasfZ5AOHat27
Static task
static1
Behavioral task
behavioral1
Sample
Vanta-Loader.exe
Resource
win11-20240508-en
Behavioral task
behavioral2
Sample
$PLUGINSDIR/StdUtils.dll
Resource
win11-20240508-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win11-20240611-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/app-64.7z
Resource
win11-20240611-en
Behavioral task
behavioral5
Sample
LICENSE.electron.txt
Resource
win11-20240611-en
Behavioral task
behavioral6
Sample
chrome_100_percent.pak
Resource
win11-20240508-en
Behavioral task
behavioral7
Sample
chrome_200_percent.pak
Resource
win11-20240419-en
Behavioral task
behavioral8
Sample
icudtl.dat
Resource
win11-20240611-en
Behavioral task
behavioral9
Sample
locales/af.pak
Resource
win11-20240611-en
Behavioral task
behavioral10
Sample
locales/am.pak
Resource
win11-20240508-en
Behavioral task
behavioral11
Sample
locales/ar.pak
Resource
win11-20240611-en
Behavioral task
behavioral12
Sample
locales/bg.pak
Resource
win11-20240611-en
Behavioral task
behavioral13
Sample
locales/bn.pak
Resource
win11-20240611-en
Behavioral task
behavioral14
Sample
locales/ca.pak
Resource
win11-20240508-en
Behavioral task
behavioral15
Sample
locales/cs.pak
Resource
win11-20240611-en
Behavioral task
behavioral16
Sample
locales/da.pak
Resource
win11-20240508-en
Behavioral task
behavioral17
Sample
locales/de.pak
Resource
win11-20240508-en
Behavioral task
behavioral18
Sample
locales/el.pak
Resource
win11-20240419-en
Behavioral task
behavioral19
Sample
locales/en-GB.pak
Resource
win11-20240508-en
Behavioral task
behavioral20
Sample
locales/en-US.pak
Resource
win11-20240611-en
Behavioral task
behavioral21
Sample
locales/es-419.pak
Resource
win11-20240508-en
Behavioral task
behavioral22
Sample
locales/es.pak
Resource
win11-20240611-en
Behavioral task
behavioral23
Sample
locales/et.pak
Resource
win11-20240611-en
Behavioral task
behavioral24
Sample
locales/fa.pak
Resource
win11-20240611-en
Behavioral task
behavioral25
Sample
locales/fi.pak
Resource
win11-20240611-en
Behavioral task
behavioral26
Sample
locales/fil.pak
Resource
win11-20240508-en
Behavioral task
behavioral27
Sample
locales/fr.pak
Resource
win11-20240508-en
Behavioral task
behavioral28
Sample
resources/elevate.exe
Resource
win11-20240419-en
Behavioral task
behavioral29
Sample
runtimebroker.exe
Resource
win11-20240611-en
Behavioral task
behavioral30
Sample
vk_swiftshader.dll
Resource
win11-20240611-en
Behavioral task
behavioral31
Sample
vulkan-1.dll
Resource
win11-20240508-en
Behavioral task
behavioral32
Sample
$PLUGINSDIR/nsis7z.dll
Resource
win11-20240611-en
Malware Config
Targets
-
-
Target
Vanta-Loader.exe
-
Size
72.2MB
-
MD5
cbc96bb56765ea90e86266ee5792815a
-
SHA1
c0ad03bafdc87b967adde6112ec123b2365d4fcc
-
SHA256
fe3e8b0fb23d7889d8e1cf58ddec37d255393ccfb6017f27032604e53aa1b3c8
-
SHA512
f4a587236f0154c9ad77670dbe22a1e406eb5af217584c847793c23b4ff3c65dbe94e2b34ac4f436a09743fd7a5ea949d668290fc175acf6a094a08259656e72
-
SSDEEP
1572864:NQEzy1VcNa4ukneNnsxhf4nogX4dwLkJKFb7Qxro/BAO82FaRNF27:2EqVnknMc6ogasfZ5AOHat27
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-
-
-
Target
$PLUGINSDIR/StdUtils.dll
-
Size
100KB
-
MD5
c6a6e03f77c313b267498515488c5740
-
SHA1
3d49fc2784b9450962ed6b82b46e9c3c957d7c15
-
SHA256
b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
-
SHA512
9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
-
SSDEEP
3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v
Score
3/10
-
-
-
Target
$PLUGINSDIR/System.dll
-
Size
12KB
-
MD5
0d7ad4f45dc6f5aa87f606d0331c6901
-
SHA1
48df0911f0484cbe2a8cdd5362140b63c41ee457
-
SHA256
3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
-
SHA512
c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
-
SSDEEP
192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6
Score
3/10
-
-
-
Target
$PLUGINSDIR/app-64.7z
-
Size
71.7MB
-
MD5
78d24400fda5e3cafbb0a025f6ca7e0c
-
SHA1
319e168feb66b5aafa6196bec3ef64fb4f55d33b
-
SHA256
c10542d0f20e54b104d96df68ddeb6c5cef3804b0a332dd7f7bbd23244e9332e
-
SHA512
8d4e59d2ec1fa6ace1af7ce73e4c75c49e06539e1797e425f3176e1ce89de35e1d9e32f120d9e0312144d1ce11903eae0a54ef28f9a5f2ba1527c161f31e796d
-
SSDEEP
1572864:5QEzy1VcNa4ukneNnsxhf4nogX4dwLkJKFb7Qxro/BAO82FaRNFY:qEqVnknMc6ogasfZ5AOHatY
Score
3/10
-
-
-
Target
LICENSE.electron.txt
-
Size
1KB
-
MD5
4d42118d35941e0f664dddbd83f633c5
-
SHA1
2b21ec5f20fe961d15f2b58efb1368e66d202e5c
-
SHA256
5154e165bd6c2cc0cfbcd8916498c7abab0497923bafcd5cb07673fe8480087d
-
SHA512
3ffbba2e4cd689f362378f6b0f6060571f57e228d3755bdd308283be6cbbef8c2e84beb5fcf73e0c3c81cd944d01ee3fcf141733c4d8b3b0162e543e0b9f3e63
Score
3/10
-
-
-
Target
chrome_100_percent.pak
-
Size
126KB
-
MD5
8626e1d68e87f86c5b4dabdf66591913
-
SHA1
4cd7b0ac0d3f72587708064a7b0a3beca3f7b81c
-
SHA256
2caa1da9b6a6e87bdb673977fee5dd771591a1b6ed5d3c5f14b024130a5d1a59
-
SHA512
03bcd8562482009060f249d6a0dd7382fc94d669a2094dec08e8d119be51bef2c3b7b484bb5b7f805ae98e372dab9383a2c11a63ab0f5644146556b1bb9a4c99
-
SSDEEP
3072:AEKzwqCT4weSxQCS/qGTL2o418Gb0+VRLf0ld0GY3cQ39Vm2I:AEKzwt4hC4/rK18Gb0OV8ld0GecQ3f2
Score
3/10
-
-
-
Target
chrome_200_percent.pak
-
Size
175KB
-
MD5
48515d600258d60019c6b9c6421f79f6
-
SHA1
0ef0b44641d38327a360aa6954b3b6e5aab2af16
-
SHA256
07bee34e189fe9a8789aed78ea59ad41414b6e611e7d74da62f8e6ca36af01ce
-
SHA512
b7266bc8abc55bd389f594dac0c0641ecf07703f35d769b87e731b5fdf4353316d44f3782a4329b3f0e260dead6b114426ddb1b0fb8cd4a51e0b90635f1191d9
-
SSDEEP
3072:rDQYaEQN6AJPrSxQCS/qGTafR54x5GMR+F44ffbdZnYw9p4AbIVGYoDd+HxNK/r4:rDQYaNN68rC4/Ygx5GMRejnbdZnVE6YR
Score
3/10
-
-
-
Target
icudtl.dat
-
Size
10.1MB
-
MD5
2c367970ac87a9275eeec5629bb6fc3d
-
SHA1
399324d1aeee5e74747a6873501a1ee5aac005ee
-
SHA256
17d57b17d12dc5cfbf06413d68a06f45ccf245f4abdf5429f30256977c4ed6de
-
SHA512
f788a0d35f9e4bebe641ee67fff14968b62891f52d05bf638cd2c845df87f2e107c42a32bbe62f389f05e5673fe55cbdb85258571e698325400705cd7b16db01
-
SSDEEP
98304:TfPBQYOo+ddlymYf2LfPQCvliXUxiG9Ha93Whla6ZENSs285:TfPBhORjYAHliXUxiG9Ha93Whla6ZEV7
Score
3/10
-
-
-
Target
locales/af.pak
-
Size
353KB
-
MD5
464e5eeaba5eff8bc93995ba2cb2d73f
-
SHA1
3b216e0c5246c874ad0ad7d3e1636384dad2255d
-
SHA256
0ad547bb1dc57907adeb02e1be3017cce78f6e60b8b39395fe0e8b62285797a1
-
SHA512
726d6c41a9dbf1f5f2eff5b503ab68d879b088b801832c13fba7eb853302b16118cacda4748a4144af0f396074449245a42b2fe240429b1afcb7197fa0cb6d41
-
SSDEEP
6144:j54QCpN9/WiHIR9a5D4+kQMGSB+jC6kAw1TUKKpg3b9xIsVxSt2y5qP3ux5tPwDV:F9CpN9OiHIRX+HMT+jC6kAw1TYpg3b9P
Score
3/10
-
-
-
Target
locales/am.pak
-
Size
569KB
-
MD5
2c933f084d960f8094e24bee73fa826c
-
SHA1
91dfddc2cff764275872149d454a8397a1a20ab1
-
SHA256
fa1e44215bd5acc7342c431a3b1fddb6e8b6b02220b4599167f7d77a29f54450
-
SHA512
3c9ecfb0407de2aa6585f4865ad54eeb2ec6519c9d346e2d33ed0e30be6cc3ebfed676a08637d42c2ca8fa6cfefb4091feb0c922ff71f09a2b89cdd488789774
-
SSDEEP
12288:QqhqEuPxT8xZTtWosuF9Q5m9yAAVzfukCQox30jH8+I:Zh8T8xTWoZF9Q5m9yAAVzXCQ0
Score
3/10
-
-
-
Target
locales/ar.pak
-
Size
624KB
-
MD5
6352905a290802a05dd3a64d22216f6e
-
SHA1
11adb10f0678079c8f73779bb039e12329bcaac7
-
SHA256
00861d9fa5763cc5c3152edb4a5c956c6bc4f56311ce2ed9e6b496181624ab5e
-
SHA512
0b0dbad8201ebd1a7dc2cfb11325c509efbcced3ac3d337915cf2972defe2304ea9f8af91d9362cb51333459900a80b714e7302a6483ad58fd64404f8410b6ea
-
SSDEEP
12288:Z/yZHOg8tqI45/XvYUtOkjbkqBJ51NbW+eTtvZEMgSENOM:4ZHOgUYRF75S+3
Score
3/10
-
-
-
Target
locales/bg.pak
-
Size
652KB
-
MD5
38bcabb6a0072b3a5f8b86b693eb545d
-
SHA1
d36c8549fe0f69d05ffdaffa427d3ddf68dd6d89
-
SHA256
898621731ac3471a41f8b3a7bf52e7f776e8928652b37154bc7c1299f1fd92e1
-
SHA512
002adbdc17b6013becc4909daf2febb74ce88733c78e968938b792a52c9c5a62834617f606e4cb3774ae2dad9758d2b8678d7764bb6dcfe468881f1107db13ef
-
SSDEEP
12288:MMq8w2kMLlYrdAs1aQUx41aVVwslMLOmFOMw35uKN31tfbDMxbV2Jfu64Kjz5fS+:MMqckulYrdAs1aQUmBsmRw35uK7Jgxho
Score
3/10
-
-
-
Target
locales/bn.pak
-
Size
838KB
-
MD5
9340520696e7cb3c2495a78893e50add
-
SHA1
eed5aeef46131e4c70cd578177c527b656d08586
-
SHA256
1ea245646a4b4386606f03c8a3916a3607e2adbbc88f000976be36db410a1e39
-
SHA512
62507685d5542cfcd394080917b3a92ca197112feea9c2ddc1dfc77382a174c7ddf758d85af66cd322692215cb0402865b2a2b212694a36da6b592028caafcdf
-
SSDEEP
3072:6gGTLRFbMdhBVHvr5eSnC6PRWhk7Bbd8+D95H0XluZ:YWBlvr5FCYRWuBbdB5wl2
Score
3/10
-
-
-
Target
locales/ca.pak
-
Size
400KB
-
MD5
83f9f785483cd92a73843ed98e674f86
-
SHA1
70e223dba0ecc5cf3f5fcf32278d97ff864c8024
-
SHA256
f7f54b55a917a0f68e4b7ed7a3e6feabb224c52d09786b939712607ebe8ab0ea
-
SHA512
df231f6774a9568cc4b85ad18d13c31cfb4de78830c72900ebd613d580e914e85eff85330ac9aa85246a0e4949891fdfb224ac615a03fcb0ce05b989391963e8
-
SSDEEP
12288:b7zLrwZVrijIs3cejEYBCqS4o3nbhjJSwHQliEwfwVKMXdLbpuQ16BtryBiGIlea:b/LrwuQU+9AMNTCypJB5uIma
Score
3/10
-
-
-
Target
locales/cs.pak
-
Size
409KB
-
MD5
f36f1b2ff12fb87a578c36f73f5aac83
-
SHA1
73f61f7b6f191468ff4d9566a0bb6eccf1069cac
-
SHA256
877a0a3dcb5d393365b2f775faff0d3593dd84b380a27dc72025597061a50ba7
-
SHA512
c61a38f937dcc90c7dd5b87d9514147b6362d339d9af85bcb3677bb12ae5715d05426f6e67ffd3b441cc41530883a227096b4135b98f2d5c73f51612e0a0e4c9
-
SSDEEP
6144:F+ud6UIAMYOnQJeAIV4g558YwGKNDsku8Qy:F+crIA5OnM04g558YwbNDsC
Score
3/10
-
-
-
Target
locales/da.pak
-
Size
371KB
-
MD5
7ff057b530184205100dbea8635a29a7
-
SHA1
f6e22b2e37e6d7bf0ca9bec220650f01d1a4a091
-
SHA256
40b32636ffb813574d8a063ce7e74860ab06b93a9b16dd56b5b6aa602b5e6943
-
SHA512
09b7b6c280d98f21beeddf1b9e5834462f29d299a64276c198ef3eab466b352695172d2ff118664c34e51a2b73e21949f203ba35b0bb6d3e031ac770e3e6b451
-
SSDEEP
6144:czPHGfn8eua0swlGVJJwoXlw5CvwT5RTrBGzO7i1yd4tTWwv:Bf8hJklwN5Nr2TH
Score
3/10
-
-
-
Target
locales/de.pak
-
Size
397KB
-
MD5
1b928ff4831916bbe39e4b2e08f52267
-
SHA1
dd8788bb4d386f7d0b8e685a09cc9ca361b7c31e
-
SHA256
9c335a4e85b4ac58ed386d89d284be053ef288b2706a4cae433d91625ec1b31e
-
SHA512
95dc4ecd45708277618a913bd07073a7cc61b642ae14fecc91ac0548898771a522a0672ee67399e5f5c8ca3006c37aa878b74af1f41717b9607c00f49e40124a
-
SSDEEP
6144:V3i9zINugqVZGaaU8WUmzg3ELWzhqY305QgfGlIsCJd:VzQrZbaK/LWy5uOsCJd
Score
3/10
-
-
-
Target
locales/el.pak
-
Size
712KB
-
MD5
e66a75680f21ce281995f37099045714
-
SHA1
d553e80658ee1eea5b0912db1ecc4e27b0ed4790
-
SHA256
21d1d273124648a435674c7877a98110d997cf6992469c431fe502bbcc02641f
-
SHA512
d3757529dd85ef7989d9d4cecf3f7d87c9eb4beda965d8e2c87ee23b8baaec3fdff41fd53ba839215a37404b17b8fe2586b123557f09d201b13c7736c736b096
-
SSDEEP
12288:AQbueXYquNw2202pgtZBAujt4NIbsJvaP5A3HRsgQiEYQ3C1gf2ns4CfFnx1Xu2v:B2quNw2202pgtHAujmNrJvaRA3HRsDik
Score
3/10
-
-
-
Target
locales/en-GB.pak
-
Size
324KB
-
MD5
e0c79cf2e5b790386e44b125d8e1a5fc
-
SHA1
1b75baf8035b81d6494f9f36930bbc8c512e1dbf
-
SHA256
6b0e81b2198e025eae1e2f6d5d3a33ccce034d1f4bc59e4cade1b5f5adb99f1a
-
SHA512
e4feb64ce7edf416422127280cf87967a5e6b20436a8ed33932b1bade73f0691ac819449d38fa0d8a81b888d6319f0b3167aa16e225999dfd6e7800d2365f2a6
-
SSDEEP
6144:k6QL0f35ubiwMP9egutWbfaYX2YBB5HXSdBruC:6LduwMetW92M53SuC
Score
3/10
-
-
-
Target
locales/en-US.pak
-
Size
326KB
-
MD5
19d18f8181a4201d542c7195b1e9ff81
-
SHA1
7debd3cf27bbe200c6a90b34adacb7394cb5929c
-
SHA256
1d20e626444759c2b72aa6e998f14a032408d2b32f957c12ec3abd52831338fb
-
SHA512
af07e1b08bbf2dd032a5a51a88ee2923650955873753629a086cad3b1600ce66ca7f9ed31b8ca901c126c10216877b24e123144bb0048f2a1e7757719aae73f2
-
SSDEEP
6144:Mvneu710gxhmrunGeuMP9eczCPMfaYbg3In5N+Sqn8BcwS:Ml0gxvNuMbCPmgA5YSNcwS
Score
3/10
-
-
-
Target
locales/es-419.pak
-
Size
395KB
-
MD5
a510ff6703676bacde7e528823878018
-
SHA1
6551a7dac1c3fcd839b8d7c6ca92470f30a93d0d
-
SHA256
77114f519743741a488a9b57cdc7190f0507c37dc3b29811704a048172ba6736
-
SHA512
e9b75bc92eb077db57f906ef544b2339c4eb4f6eddf65d2570c36a00ab4b8a167a53e869d81150a7d097ecbf4ba19625ad4228f133392cc850352fe66fea47e0
-
SSDEEP
3072:75rkwZKG5KJo0ZqU3bFOZiqK9zj4rMY4rjyujd8pyPWncpwwfNEOv553ln0GLFjT:t1K2YZqa+iqK9BYgapFGl5jLFjdA7Fcp
Score
3/10
-
-
-
Target
locales/es.pak
-
Size
394KB
-
MD5
e42486833449ea57261d5bbdabb8b4e2
-
SHA1
09734ed71302c7a3bf5f84dee1dfab7732bc0745
-
SHA256
d539c88c4493cb1d9eae600611e3119fe129ec95149049f4b62fc3a97d78ca61
-
SHA512
8ad283323c3f2e7a9d2e33eb86c371be6a9e29d9243e0d74d5936606692367212f81825d5c313a8859ff8de84eb6d23cbfc577ca47185392da803717f29e8b24
-
SSDEEP
6144:PvmYiy+G+BXUx+8wjgfUcp9Ch4862jbj5RrV7oDocjm6PZqJ:HmYl+G+BmB9pchXxjbj5RrEoASJ
Score
3/10
-
-
-
Target
locales/et.pak
-
Size
356KB
-
MD5
8b3cb5e4b8ac769bde84e5c375c1774e
-
SHA1
53665908d6ec12095abd766911d8abcc84c6da58
-
SHA256
c351b84558214420495bed6d882d37496483cc66b0e10400ca872e3fc4145b66
-
SHA512
b0dff640d32e5c277f2d3441abf823e8859f28f215cfc63fde8a968cbc9b9531aa0394e10fa98284d186323e3357ea2265d762dc034be86bb50f5c55630ab4c5
-
SSDEEP
6144:GUyHOJUh4ANS+2b0x6i05L9n4h+JbT/R/WiMMb5bjN43LcLQ6PQX:wZNQbNkmzb5bjC
Score
3/10
-
-
-
Target
locales/fa.pak
-
Size
577KB
-
MD5
e861a65f12b38a3def1fe9e933cae275
-
SHA1
8d083b5902a15a63ef11c7783f12e088d333fcf5
-
SHA256
f9a8e3b9bbc809f11cc3dc32811940e033bd78a31ec154d28321473f8efa1e4d
-
SHA512
d1fe91c693c794b4a4d60560800c919977654832e8f6e34fb1ec0ffbf5c411cf35b0a0e22e036dca48a246ab8d6bea0427c5ceb232d460e9c59cf4163d55314c
-
SSDEEP
12288:0a2qX9nuyaXTfwIDwNUWGOGfStQvjy1feKtDmrwMTAKzIxRAQiHedNu36XzhpWeS:0VwuyaXTfwewNUWGOGfStQvjy1feKtDM
Score
3/10
-
-
-
Target
locales/fi.pak
-
Size
365KB
-
MD5
7243727348009668ded33dd0109118c3
-
SHA1
aa19e2e340c8328132d12ff79d8fd6b02c512a48
-
SHA256
6581fca26336f66d8ba898ec1253b237db30e7cd1a25fc788290d7ace96fa6e1
-
SHA512
e890346915c0891a9f49640f232f6633e25655b969911a6697adfea709cec59bb925678e0b97424936c59d523c3ee9e2dc23f115e20c45ca3ed51ae691d0d7f0
-
SSDEEP
6144:ssjhtl8ymSOQbhCwx+sk/bOE/BanTLLE5lJucHcEJ18OWUczfSUWcX1wR2:sahtl8BlHRBaA5lJxHcEJ18OWUII2
Score
3/10
-
-
-
Target
locales/fil.pak
-
Size
410KB
-
MD5
d7df2ea381f37d6c92e4f18290c6ffe0
-
SHA1
7cacf08455aa7d68259fcba647ee3d9ae4c7c5e4
-
SHA256
db4a63fa0d5b2baba71d4ba0923caed540099db6b1d024a0d48c3be10c9eed5a
-
SHA512
96fc028455f1cea067b3a3dd99d88a19a271144d73dff352a3e08b57338e513500925787f33495cd744fe4122dff2d2ee56e60932fc02e04feed2ec1e0c3533f
-
SSDEEP
6144:BnI+f5Qm2xaVyEDQftIK9bSNxeFXGvZ3Omy5GzmHYFAk1s8:C+f541e+b4xy5ym8
Score
3/10
-
-
-
Target
locales/fr.pak
-
Size
426KB
-
MD5
3a5bb07820cf46c0f4a81a25724fe870
-
SHA1
dbc296c1fc516c60d453253ee341ca4d31554230
-
SHA256
b62c51b85545b3f5d70ac9c684a111689044636eafaeb196f5d52760e0f96f91
-
SHA512
0222f7a8bf3a6f77fcb9ab7eb0d03509d15bb8634d556547ed55141d550af241a525cc99eb13957744fe2e6d4732b9dbe4d078cb3555b16af6c13e20b9f4e8a1
-
SSDEEP
12288:LKJuit6QuagV1ZzosUZ7MYnYV1S3B45MxlqE0wC5ooLljHnkH0oR5FErg4JzV7RC:guvVZ565Sg
Score
3/10
-
-
-
Target
resources/elevate.exe
-
Size
105KB
-
MD5
792b92c8ad13c46f27c7ced0810694df
-
SHA1
d8d449b92de20a57df722df46435ba4553ecc802
-
SHA256
9b1fbf0c11c520ae714af8aa9af12cfd48503eedecd7398d8992ee94d1b4dc37
-
SHA512
6c247254dc18ed81213a978cce2e321d6692848c64307097d2c43432a42f4f4f6d3cf22fb92610dfa8b7b16a5f1d94e9017cf64f88f2d08e79c0fe71a9121e40
-
SSDEEP
3072:1bLnrwQoRDtdMMgSXiFJWcIgUVCfRjV/GrWl:1PrwRhte1XsE1l
Score
1/10
-
-
-
Target
runtimebroker.exe
-
Size
154.7MB
-
MD5
75990ee1ed0dd57459df924c28b46700
-
SHA1
be7d7c518a44b3d73230364fd2064f9e2918f733
-
SHA256
43ebd800204d360a8ea88eb0d2ed10df9553a910741cd5646ed7d276fd0723a5
-
SHA512
f1337181f33e6724939859dc5d9fff45242870b36021fb45c737a261f82ed56e594370a24afe87f94a4376e92c0391604714fa2ff80ec000709fc66bc48341e2
-
SSDEEP
1572864:WQLTsMunuCM2/w9Asn6xzIEhw3JvqzPd24cwT3tIDvvEO/TZidNoyiMhOab0XLHE:WA8g5vu
-
Drops startup file
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-
-
-
Target
vk_swiftshader.dll
-
Size
5.0MB
-
MD5
30d193f1976035cebec2c2d8f071c556
-
SHA1
97b1d811743f03e888c22d975c9eb77ba92142b9
-
SHA256
600e158b7d7fb95eb63552da1ae8159a6eb9bb04ff6341d11db2d10bd6c30c8e
-
SHA512
4eb6ec91fb060f67ea126c9c7dd7f672161d86302db41c7d999f33239a7c18062cc020c06ab9571f8023c846d22bd0fa5c020fb4c710bf6a21472002dccb6226
-
SSDEEP
49152:qe8XShSf/LIIKZIpvUIZHsQbZ+TN/Ld7dMZga4USoMqJKBwqJ5h0gKInLh1vuiP/:/8XSMfkcsLbJT7GMwZgKI9oiPL
Score
1/10
-
-
-
Target
vulkan-1.dll
-
Size
899KB
-
MD5
7fdd1bec727e2b389c8ca84c407446c6
-
SHA1
a91343d9f52883325f52f28c5dd142f4ae07b3ef
-
SHA256
d04035c59f49444bd3cafd71296afd70bad5daa6e28bf5d7de3ffd0e36a85938
-
SHA512
2fdd95185507be9bcbf6cfe1f05ba47e71203b1dc3ce4cc1553e5fcfb576ab89bf018a8927fc5e6e451b00f56f7abb5f2efd504e1a674b42dbe80deeb13d669a
-
SSDEEP
24576:/R9nl1crwjLAQw6Z5WUDYsH56g3P0zAk7:/R1l1culw6Z5WUDYsH56g3P0zAk7
Score
1/10
-
-
-
Target
$PLUGINSDIR/nsis7z.dll
-
Size
424KB
-
MD5
80e44ce4895304c6a3a831310fbf8cd0
-
SHA1
36bd49ae21c460be5753a904b4501f1abca53508
-
SHA256
b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592
-
SHA512
c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df
-
SSDEEP
6144:aUWQQ5O3fz0NG3ucDaEUTWfk+ZA0NrCL/k+uyoyBOX1okfW7w+Pfzqibckl:an5QEG39fPAkrE4yrBOXDfaNbck
Score
3/10