General

  • Target

    flstudio_win64_21.2.3.4004.exe

  • Size

    930.0MB

  • Sample

    240613-na59lszglm

  • MD5

    5f27a26f38aec4a4adb2f2281d28c366

  • SHA1

    1c9fb6b7614d702f81865dcac46094455d5db41b

  • SHA256

    3f85e3ad7da6780d28ecf1b629ac3c3a9c9a2c23829cba526edfe96bc7c00641

  • SHA512

    f7924dca9a07bdfaf6c45c1e46dfc9a9bf7082a86748ebede19937c352d5b2957fd4cf8c45bf08b69868c721852fe37962bb8ae833356426baafe2e1e8f8b22e

  • SSDEEP

    25165824:InKmCZREvIDFQp3851ixBeCX/jwp/6XCG:InUZtpQqfHmrwp/k1

Score
7/10

Targets

    • Target

      flstudio_win64_21.2.3.4004.exe

    • Size

      930.0MB

    Score
    6/10
    • Legitimate hosting services abused for malware hosting/C2

    • Target

      .data

    • Size

      512B

    Score
    3/10

    • Target

      .rdata

    • Size

      6KB

    Score
    3/10

    • Target

      .rsrc/BITMAP/110.bmp

    • Size

      1KB

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      .rsrc/DIALOG/102

    • Size

      180B

    Score
    1/10

    • Target

      .rsrc/DIALOG/103

    • Size

      288B

    Score
    1/10

    • Target

      .rsrc/DIALOG/104

    • Size

      344B

    Score
    1/10

    • Target

      .rsrc/DIALOG/105

    • Size

      512B

    Score
    1/10

    • Target

      .rsrc/DIALOG/106

    • Size

      248B

    Score
    1/10

    • Target

      .rsrc/DIALOG/111

    • Size

      238B

    Score
    1/10

    • Target

      .rsrc/GROUP_ICON/103

    • Size

      132B

    Score
    1/10

    • Target

      .rsrc/ICON/1.ico

    • Size

      9KB

    Score
    3/10

    • Target

      .rsrc/ICON/2.ico

    • Size

      4KB

    Score
    3/10

    • Target

      .rsrc/ICON/3.ico

    • Size

      3KB

    Score
    3/10

    • Target

      .rsrc/ICON/4.ico

    • Size

      2KB

    Score
    3/10

    • Target

      .rsrc/ICON/5.ico

    • Size

      1KB

    Score
    3/10
