Overview (overview) | score 7/10
Static (static) | score 7/10
999????.htm | windows7-x64 | score 1/10
999????.htm | windows10-2004-x64 | score 1/10
???????.htm | windows7-x64 | score 1/10
???????.htm | windows10-2004-x64 | score 1/10
QQPlayer_S...36.exe | windows7-x64 | score 7/10
QQPlayer_S...36.exe | windows10-2004-x64 | score 7/10
$PLUGINSDI...ns.dll | windows7-x64 | score 3/10
$PLUGINSDI...ns.dll | windows10-2004-x64 | score 3/10
$PLUGINSDI...or.exe | windows7-x64 | score 1/10
$PLUGINSDI...or.exe | windows10-2004-x64 | score 1/10
$PLUGINSDI...er.dll | windows7-x64 | score 3/10
$PLUGINSDI...er.dll | windows10-2004-x64 | score 3/10
$PLUGINSDI...em.dll | windows7-x64 | score 3/10
$PLUGINSDI...em.dll | windows10-2004-x64 | score 3/10
$TEMP/reci...st.exe | windows7-x64 | score 1/10
$TEMP/reci...st.exe | windows10-2004-x64 | score 1/10
264be.dll | windows7-x64 | score 1/10
264be.dll | windows10-2004-x64 | score 1/10
264dmmx.dll | windows7-x64 | score 7/10
264dmmx.dll | windows10-2004-x64 | score 7/10
264dsse.dll | windows7-x64 | score 7/10
264dsse.dll | windows10-2004-x64 | score 7/10
264dsse2.dll | windows7-x64 | score 7/10
264dsse2.dll | windows10-2004-x64 | score 7/10
264dsse3.dll | windows7-x64 | score 7/10
264dsse3.dll | windows10-2004-x64 | score 7/10
AviSplitter.dll | windows7-x64 | score 1/10
AviSplitter.dll | windows10-2004-x64 | score 1/10
BossStat.dll | windows7-x64 | score 1/10
BossStat.dll | windows10-2004-x64 | score 1/10
CL264dec.dll | windows7-x64 | score 1/10
CL264dec.dll | windows10-2004-x64 | score 1/10

General
-
Target
af7323db4824b1ce7f7316783ca5db5c_JaffaCakes118
-
Size
31.1MB
-
Sample
240615-vgy77sxgra
-
MD5
af7323db4824b1ce7f7316783ca5db5c
-
SHA1
47df186878a9fbfed8d0d32370e9453cca574e15
-
SHA256
b0abc71ca4e6d51fd6d1bdc37ff7d9c07ff5bbb306b8544a26e9ca70cfd69d30
-
SHA512
378b69424ef3a8d81edae0a2810ceb2c14c01e7c3f95be85d588ea426e37052350652e71456277e2ef35369e7943a672afd705322bb70c62841e3435da14d248
-
SSDEEP
786432:JuslZmGFW2Ih+4SPTw4m281SIziOtkcmKD6UJ7vqyCCK:JZZfIzSG2XI3P1YydK
Behavioral task
behavioral1
Sample
999????.htm
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
999????.htm
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
???????.htm
Resource
win7-20240220-en
Behavioral task
behavioral4
Sample
???????.htm
Resource
win10v2004-20240611-en
Behavioral task
behavioral5
Sample
QQPlayer_Setup_39_936.exe
Resource
win7-20240611-en
Behavioral task
behavioral6
Sample
QQPlayer_Setup_39_936.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240611-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/QQPCDetector.exe
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/QQPCDetector.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/QQPlayerHelper.dll
Resource
win7-20240508-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/QQPlayerHelper.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240220-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
$TEMP/recinstalldl/RecInst.exe
Resource
win7-20240508-en
Behavioral task
behavioral16
Sample
$TEMP/recinstalldl/RecInst.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral17
Sample
264be.dll
Resource
win7-20231129-en
Behavioral task
behavioral18
Sample
264be.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral19
Sample
264dmmx.dll
Resource
win7-20240611-en
Behavioral task
behavioral20
Sample
264dmmx.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral21
Sample
264dsse.dll
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
264dsse.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral23
Sample
264dsse2.dll
Resource
win7-20240611-en
Behavioral task
behavioral24
Sample
264dsse2.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral25
Sample
264dsse3.dll
Resource
win7-20240508-en
Behavioral task
behavioral26
Sample
264dsse3.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral27
Sample
AviSplitter.dll
Resource
win7-20240611-en
Behavioral task
behavioral28
Sample
AviSplitter.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral29
Sample
BossStat.dll
Resource
win7-20231129-en
Behavioral task
behavioral30
Sample
BossStat.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral31
Sample
CL264dec.dll
Resource
win7-20240508-en
Behavioral task
behavioral32
Sample
CL264dec.dll
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
999????.htm
-
Size
101B
-
MD5
75570b806f2c9930812b6b71c4f0d26c
-
SHA1
111d0df233a973b15c7448bf96246d491655b0fd
-
SHA256
afb5671178dc0edb69866c5cf996dcc237253187dcd4338265643fc904b94781
-
SHA512
abf90fb21a2060ae6d2263da533ec2858ed46383d9dbf8769e7e4b0a5ecc77b6517a26d143d05f88807e2b1832fc982876dd32465bc2fd3f6680cc906bcb4e89
Score: 1/10
-
-
Target
???????.htm
-
Size
3KB
-
MD5
e671b800230491744feec96674890606
-
SHA1
f6b727ef6a51159945d63b598f96b9e57fb1135c
-
SHA256
7d12dfb87a9b2093f7589d97e3aaad285c778d56a4c3f66bf265c0e7933429be
-
SHA512
8d3f46aef16ed81be686c7e5e08c5f4f716b5453adaf6b475ca8137705b2856e8eba847fdfbb2433df95a096ffca75c57018f0a818849c6e776d839184692c07
Score: 1/10
-
-
Target
QQPlayer_Setup_39_936.exe
-
Size
31.1MB
-
MD5
1f1e2c0e38fc0d9241e3f83304a980af
-
SHA1
2a7bb3752dd11ebde54fea6eeecc1795f6e33c69
-
SHA256
a06c05e6ecf89cefaf82712cfc99d37acaf2ce9e36c8c52d3347a34172e3821f
-
SHA512
ea13069f841cb32113da2f9f445537073ea0c35e9df750322ff38f478a5a4d0c0a35cda76adf288298c433a688c0abbb811207f1fe110d838e1dfa1558ab90e0
-
SSDEEP
786432:8BueHvm4RQMGJos4rFSUMsQXM+/g49yikq5+WRFfuGCCk:8Bz9dGl4Ksl+77doG/k
Score: 7/10
-
ACProtect 1.3x - 1.4x DLL software
Detects a file protected with ACProtect software.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
15KB
-
MD5
6e663f1a0de94bc05d64d020da5d6f36
-
SHA1
c5abb0033776d6ab1f07e5b3568f7d64f90e5b04
-
SHA256
458b70e1745dc6e768d2338ccf3e6e86436488954ca3763472d8ffec4e7177e4
-
SHA512
2a037c39f3a08d4a80494227990f36c4fef2f73c4a6ad74dcc334317a1372234c25d08d8b80d79e126881a49fa4b3f2fffe3604c959d9ceceb47acc7192cc6a5
-
SSDEEP
192:VsIZHdT9uwYX94kYd2iCzHR+yK7imphLAykycpKPd5mj8ozxGUWumle:VsUHd9GN2d2iwl0impATIPdAj8Ov6
Score: 3/10
-
-
Target
$PLUGINSDIR/QQPCDetector.exe
-
Size
1.0MB
-
MD5
889a3d47b457b6223f43ba7d0e94bcb8
-
SHA1
02e0ab90f31a47a32811aab0549e12b7e468439c
-
SHA256
c5c89dd1fdfc508a1d76a1340d7b70173091dde9f04f9c18a9635a17dd386b30
-
SHA512
646c88c0519ade84e48bba983852bb64fe4c94a9bb7feba9ecee193e58175e814569452393c005d05d3893a0e1622e0bd0dcefabb6314e7bd1dcfc146f3f93b0
-
SSDEEP
24576:9cH3GjhQB2EBNfvkUY2222222iZDibQCI6Vd2Qy68pCx2U5aaUfR:W2jO2kfvkUgAbl8Qy1W22aFR
Score: 1/10
-
-
Target
$PLUGINSDIR/QQPlayerHelper.dll
-
Size
580KB
-
MD5
4e586facea72f75230fb08f1c42dfd44
-
SHA1
dff381cc6c2c983ec9fc89113dff5effcbfc4a48
-
SHA256
76fc88804224ab8a62dca91653aa1184fbf60b4dd8813aa72c68aae11f8249da
-
SHA512
7f4cae033dddcad7b16ea1f34bd9cf19deb3439b0632f1110b6dfd70b57f6f66efaa2737e081528cc8e4f5c9accc7682c55803aa6c203156287c92a6bf2d31a4
-
SSDEEP
12288:ZHzArlwJDhqWb3vL3of+vR7RkRYNK5Dw21w:4wPqWX3hvR7+R2ow21
Score: 3/10
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
b9f430f71c7144d8ff4ab94be2785aa6
-
SHA1
c5c1e153caff7ad1d221a9acc8bbb831f05ccb05
-
SHA256
b496e81a74ce871236abcd096fb9a6b210b456bebaa7464fa844b3241e51a655
-
SHA512
c7ce431b6a1493fd7d1fe1b1c823ad22b582c43c8eb2fb6a471c648dd9df9953277c89932c66afd598d43ea36f4a8602e84cd175115266943071cbc8ce204099
-
SSDEEP
192:hClej3uzvJwqJMQKN4GbeWZksMI4ETWcEbcBZ8ep2Kra7yOG:hCm2HgN4GbeWmbI4Eybogia7yO
Score: 3/10
-
-
Target
$TEMP/recinstalldl/RecInst.exe
-
Size
385KB
-
MD5
4088aa32ca2e2481d7015564a188f267
-
SHA1
badc988d1a383d17aae6e74697123acbddc8deb3
-
SHA256
ad2bbdad98c3ecba43b351a680771c3269b1b260a2c5f38030e82831d308232b
-
SHA512
bf3133dc1d2563b5dbb3c034f4d21b1c2f777857b544abaab6f8e916f7e95f545122cf7b7b7e7097053178b46c36fcb2f06f10dcccb384da39a44c576118f7c5
-
SSDEEP
6144:HG9aLDCBN07GGiYUL6bshg89JuKbgFfpxM:H7f8kGmUL6IC8LbgdM
Score: 1/10
-
-
Target
264be.dll
-
Size
749KB
-
MD5
2393f25444318d9fef32b656b1962b7a
-
SHA1
5e49183aa0a981c3b37027f59662a62e256be954
-
SHA256
faa78f80e9c23b4c0b10e0f15cb0855d8d92aa140e2b33a5df290b72de3c8e3e
-
SHA512
6159557a5dd9ce093746d108888b08913b09be3fc1c60f925d715c72ea7278d8c99f8eced1af07b241519ebce3d6b76c2e53bed01e919312eb83c29e4c30d5c4
-
SSDEEP
12288:jqc+sgZLAn1Y7iA7/zS8A5O3S9O1o1QuFxld+SV0x1HdhhOSpv+pAVxWT4lMFCza:enpZN7r9W9O1EQuPld+So1HdhhfopOxI
Score: 1/10
-
-
Target
264dmmx.dll
-
Size
701KB
-
MD5
a8189f7a407b4127ef37bc3b0a9102ed
-
SHA1
e8ee27f987bcff5adcbbbee8b1b6b82416888928
-
SHA256
c7ec406b4181a59173a8c8ae138686e737c02243cef7f506cb07583bd0d3b340
-
SHA512
4614e8b11308d27e8a4dcf6ebb275781adf4995a49731acb0d6baf7c117982fcf1d93e80927944c5644deb97e0542e103cd302511e56c926213539d5ef062cb5
-
SSDEEP
12288:gGcKKGoMltFK0ugYDb8qzldHo49MOr+upnVuAZS8lGKOBdI0/oEb9OwB6Ep98vd2:gGctGjS0GfHVospzcKCAEb9Owgg8a+BY
Score: 7/10
-
Loads dropped DLL
-
-
-
Target
264dsse.dll
-
Size
697KB
-
MD5
adf302d70f8a6ffcf7503605035ebc68
-
SHA1
35e5ac5a2d8b5dfd8e815e87d5e47020235d08d7
-
SHA256
aff768c132ca74aecd96c55a843bc34f0238acf4fc23837b92e6844bc701cb4b
-
SHA512
7f1dbbda0cb5f87b81b0386e1b64080a0dcb3f4a38c9f92f7e3e2ec758fa996343486f06e3c5ddff3d7678fcb89d0d3808ea595dc15d0cb89260cffecf66502b
-
SSDEEP
12288:HlLsRpWQQJVpbF26dqHG4G4hqp2vTUsSp+kue8f6lAJ7QZOy0miUUFE7RBw:HlL8pWQQnpc68mKTvTUsw+kKf57QZd09
Score: 7/10
-
Loads dropped DLL
-
-
-
Target
264dsse2.dll
-
Size
809KB
-
MD5
9c43576765dda89fcf822ea2115608e2
-
SHA1
b38c32d8334d08849a45349c4fc7e318f334c750
-
SHA256
7520672d5f03a59036123e9b07664c5ae374e825300a0bf6e5fafe93aa1245bb
-
SHA512
5451b7aa212842b654f7f16605d0546dc2c1accd48452ac0ed6c054f8b60a3b9da9b16952b4a7c24295e05b759a57eae591bc30388428d81f486d3eacc4f3c67
-
SSDEEP
12288:ftdHPi8dcTwIW1PcLEhG22eGmhmGBcIXD8/hIlK1bpexqy5TC2Ehy/xB6:fLHFIW1wEhcERpXD8/OlKqxDT+h2B6
Score: 7/10
-
Loads dropped DLL
-
-
-
Target
264dsse3.dll
-
Size
813KB
-
MD5
b8576011a4d270d1ad4dc17415b93a0d
-
SHA1
02dfdec90f96ae3ebf2c7b3f7cd017f04478397c
-
SHA256
7f0677d7e93ef501d3cb9475e65d6d9de5580192b3c3e85a554baeedf5431075
-
SHA512
f27977bd694212324aaa166aa79a8c3299c37b4f4ec0370d723023da83c94752a9f5536ebfc4b20d2f54e1c04c4aa2138a29a546cbbd2d3e8482433001fb612b
-
SSDEEP
24576:JhWOYMLGaYNJ45jj6/qxOq68Ye5GH/PuR50ndvBu:JoaGx6x6KA8b5GH3uR05Bu
Score: 7/10
-
Loads dropped DLL
-
-
-
Target
AviSplitter.ax
-
Size
499KB
-
MD5
357cb444650461ace42c7c6c1ab33c8d
-
SHA1
f7cd49ba0b52c92575ff16768dd5516de82fef0b
-
SHA256
3a4b5c8abe8c5ac72c79093ff2de5878f9b0868853ef1efbff2a395b6697c470
-
SHA512
adce5042fee8da11212a37e2150293f8f9d843464126567a47eb137e484e7e66ea31b808f8afc0b48e55e6d3a0d37a3b44ec872f8387dd035ceb5cb397726d09
-
SSDEEP
6144:4fnDhpw6pOHkUN2wmouRQmCtpgM0qDCKmL6dDzQnV0aF2kOj2io3iI:4fDhpw6pOuNLktP07KmL6dDzQV0aM035
Score: 1/10
-
-
Target
BossStat.dll
-
Size
55KB
-
MD5
d8ff4e858e02e1b00f0c9e96fd6590c7
-
SHA1
e1b43577fb1cd3f93615315510cfd570e6e05bf8
-
SHA256
14f1045b2fcc314e00f0a4dd626f2d8cf0b6f8037785a3a3bf95bb9ce6be448e
-
SHA512
c26b35303c62d08e7d2eed81002e277353eb2bcb6635a88e78597f95ff0c0c709c4117c29e273031d0006452198364c7c786955b58c6a928cff9d1cc981c7381
-
SSDEEP
768:7q657ZE/gt6oisxXqJnTuJvgUEUAb74v9bOAMdzMKKRXg8u8e:vdEItcs4kJvEL7qOAMdz/KRXcN
Score: 1/10
-
-
Target
CL264dec.ax
-
Size
493KB
-
MD5
f325790375e8781480d28da4cdde79c6
-
SHA1
1558cdcdad96933ac4cd25274b18f9dfacea0c7d
-
SHA256
eb08292c74703560e949601d5011b405f51a6bef143dbc359d52481fd862a6ab
-
SHA512
cf1299b53fe5806bab87426d2e97e3a5834c902bc39723607ced447781a94f87cfa471d7639d189aaf576a989ca386c5faaa03ee0e62ecf532e92d010b75ed20
-
SSDEEP
12288:rJ+JQSkIgjzNMHii9R9PnQFmYm/WdrF8OwYq+UqiWqZYuZTaAIBt:9+JnkIgjzNMHiiL9fQE/Q8qDUBW7IIBt
Score: 1/10