4c736d1faacebb84bd437e13ebf1d1c0d615e1aabe55a0444d5d290a9e8d5c7c

Sharing

Copy URL

Twitter E-mail

General

Target

Vaydeer multimedia knob Setup 0.1.6.exe
Size

123.6MB
Sample

240626-1elf8axgnr
MD5

bcc18fe6f389df44228c607d59bc3ea0
SHA1

0d09da8f1de65cbfd92e8e3eb307e13fd7eaf674
SHA256

4c736d1faacebb84bd437e13ebf1d1c0d615e1aabe55a0444d5d290a9e8d5c7c
SHA512

36fea5a86d574fff25953374a7edcddde944833bf5cda2fcc86aa68405acd154dfac3bf4d7df2287c1df6f087e83c0eebf1494c0f24a0164378abf0fbdd465e5
SSDEEP

3145728:+zLhRHbyJCvEEuajS77Jy60ULhRHbymsXM4ibE/jrst:a7yMEEhNBU7y1M4i47r2

Score

5^/10

Malware Config

Targets

- Target
  
  Vaydeer multimedia knob Setup 0.1.6.exe
- Size
  
  123.6MB
- MD5
  
  bcc18fe6f389df44228c607d59bc3ea0
- SHA1
  
  0d09da8f1de65cbfd92e8e3eb307e13fd7eaf674
- SHA256
  
  4c736d1faacebb84bd437e13ebf1d1c0d615e1aabe55a0444d5d290a9e8d5c7c
- SHA512
  
  36fea5a86d574fff25953374a7edcddde944833bf5cda2fcc86aa68405acd154dfac3bf4d7df2287c1df6f087e83c0eebf1494c0f24a0164378abf0fbdd465e5
- SSDEEP
  
  3145728:+zLhRHbyJCvEEuajS77Jy60ULhRHbymsXM4ibE/jrst:a7yMEEhNBU7y1M4i47r2
Score

4^/10
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/StdUtils.dll
- Size
  
  100KB
- MD5
  
  c6a6e03f77c313b267498515488c5740
- SHA1
  
  3d49fc2784b9450962ed6b82b46e9c3c957d7c15
- SHA256
  
  b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
- SHA512
  
  9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
- SSDEEP
  
  3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  0d7ad4f45dc6f5aa87f606d0331c6901
- SHA1
  
  48df0911f0484cbe2a8cdd5362140b63c41ee457
- SHA256
  
  3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
- SHA512
  
  c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
- SSDEEP
  
  192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  14KB
- MD5
  
  adb29e6b186daa765dc750128649b63d
- SHA1
  
  160cbdc4cb0ac2c142d361df138c537aa7e708c9
- SHA256
  
  2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08
- SHA512
  
  b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada
- SSDEEP
  
  192:DiF6v2imI36Op/tGZGfWxdyWHD0I53vLl7WVl8e04IpDlPjs:DGVY6ClGoWxXH75T1WVl83lLs
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/WinShell.dll
- Size
  
  3KB
- MD5
  
  1cc7c37b7e0c8cd8bf04b6cc283e1e56
- SHA1
  
  0b9519763be6625bd5abce175dcc59c96d100d4c
- SHA256
  
  9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
- SHA512
  
  7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f
Score

3^/10
behavioral10 behavioral9
- Target
  
  LICENSES.chromium.html
- Size
  
  5.2MB
- MD5
  
  4247afa6679602da138e41886bcf27da
- SHA1
  
  3bb8c83dc9d5592119675e67595b294211ddbf6e
- SHA256
  
  bf59a74b4404aa0c893ca8bbe636498629b6a3acdff4acb84de692462fd626e4
- SHA512
  
  ad3103f7fd32f0ec652bc7fcb8c303796367292a366037acad8e1312775cdd92c2f36ed8c34a809251ad044508e1e7579b79847de61025baf8bda5ad578a0330
- SSDEEP
  
  12288:/7etnqnVnMnBnunQ9RBvjYJEi400/Q599b769B9UOE6MwMGucMEbHDuX0YnpWQZG:sPMM5FaWStHvmUKItmfDTeHiVQZp4
Score

1^/10
behavioral11 behavioral12
- Target
  
  Vaydeer multimedia knob.exe
- Size
  
  117.8MB
- MD5
  
  0b1cee5f3dde4f08798f289429041adc
- SHA1
  
  186b44ba8995570e9c8de7e6bd804f1a7efe0a11
- SHA256
  
  caca49743c770aa5375cac879dc14b80ef48f11d2451f4449e339a44a0939c44
- SHA512
  
  cd6e6170cee691e303f85e5efab8b137cec0d0cdd9877b51db0efbd45218b6287f80cdad86cc5dae144f776338ac41d237899baf65c2b7257fc5211f3661ed88
- SSDEEP
  
  1572864:FsUh7AnP+tF2Luxxoy1XOAGcW0b4C6jwfEgZ2oyRYqcairhkmGhL9UdFUn+FwarP:I4nlO+zVGmGrarOV4CyIhi
Score

5^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral13 behavioral14
- Target
  
  d3dcompiler_47.dll
- Size
  
  3.5MB
- MD5
  
  2f2e363c9a9baa0a9626db374cc4e8a4
- SHA1
  
  17f405e81e5fce4c5a02ca049f7bd48b31674c8f
- SHA256
  
  2630f4188bd2ea5451ca61d83869bf7068a4f0440401c949a9feb9fb476e15df
- SHA512
  
  e668a5d1f5e6f821ebfa0913e201f0dfd8da2f96605701f8db18d14ea4fdeac73aeb9b4fe1f22eaeffcdd1c0f73a6701763727d5b09775666f82b678404e4924
- SSDEEP
  
  49152:sXMoHAsisjBFjJMLhHELxJm8ZU8W/GBj5Z535TMpinAizxkl/cD11bqCG7jHbOkD:srZOb8W/G5hnAizxz7NZy9AG
Score

3^/10
behavioral15
- Target
  
  ffmpeg.dll
- Size
  
  2.5MB
- MD5
  
  df21af58b55d1a2e6c2e176e29695d9a
- SHA1
  
  cd1ebb1639ca91035b3e8d8361a413865066c4fe
- SHA256
  
  c7170c2f072cd2cdc21ab93ca39034246b94fdf408347602427140a0a8e37543
- SHA512
  
  d62cfb9c163193de4b97750ae9c9e122f96abd6e524e0318d343f15231062250fe00aaf9c8a8e8112e0072a8fb30ac0b07c4413488de5a553d6afafd8a36e574
- SSDEEP
  
  49152:+tGX4mOrucp9DHNj8CvJhAbEfvWyZOjp+:EGobp9DHNVvJhAAfCd+
Score

1^/10
behavioral16 behavioral17
- Target
  
  libEGL.dll
- Size
  
  349KB
- MD5
  
  a10bc9a16449c6c9c8f52609945a5d06
- SHA1
  
  cf3cedfc54ba62c666c309871928ae24c6a16d91
- SHA256
  
  0488375345342935ca6c0704836d5af1e5fb5ac50432da1b7e65dc585b483015
- SHA512
  
  a377c9fa3fc0d1f077930cce7226ad59b533c507f408695c970d743b73b8af1df2aa83046b79c11984a6aa68b4502b8bdf0d339f9251604b450e4e373ef610b2
- SSDEEP
  
  6144:9EYlqgyp/a1fn9F3bsyy/0oTv1eqMuQ/4RQpV5+eMHm+piZ:9EYlryp/M3bsyyb7SuQ/WQJ2U
Score

1^/10
behavioral18 behavioral19
- Target
  
  libGLESv2.dll
- Size
  
  6.6MB
- MD5
  
  b2582f122378246e885b25598bb64e23
- SHA1
  
  3684b220541bb85425d51ad0c86485fb358230a9
- SHA256
  
  0c99dac71f32760346ac4ff628066339eea6f0e79e9d5e5387af13be0fbf5dfb
- SHA512
  
  9122bdf562b649ad41f4903fe9981170fa43ced2e724bc60434645ceedcddddc393cbafa7a7b4143ce0b0d3a664c5d135a15cd3bdde2e6175b9d611158366ce2
- SSDEEP
  
  98304:cQjdYjiujJ/LcrF9ksM3+kBvJI7sW61LrFpLCCU7ZIIEOb+t:cQj9AzE/5knIQW61DCdaIdb
Score

3^/10
behavioral20 behavioral21
- Target
  
  locales/ko.pak
- Size
  
  119KB
- MD5
  
  ba2aa678feb54d0cc55ead490319499f
- SHA1
  
  9b068cf972a54a38c632ba097c796e3bc430764b
- SHA256
  
  68f0e375280fba916fee943d8c427918f4aee2a266583298a0f03679a748615f
- SHA512
  
  41d9177c537c4bbeaa18669b1e7f31c5c90a48c6cffdb2e8aaeb5714e04d8e06e1210fe00afb3d7b6c58e95227eb1b86e92950fd1b8c5def74635921991ccb45
- SSDEEP
  
  3072:J225rvz7zucczqt4AgWCYeHw0pFSCuUkprTrQN2/4KiWg3qnXhSwD7:xLz7C+tIm08SwX
Score

3^/10
behavioral22 behavioral23
- Target
  
  resources/app.asar.unpacked/node_modules/node-hid/build/Release/HID.node
- Size
  
  832KB
- MD5
  
  c737d1d6503af7ef6adf57e3d2935853
- SHA1
  
  3669ceb541e17df66be61396e3345b630d19d82a
- SHA256
  
  31698f611727b442a40c9801d4cb09da9f1f075b8bf155098c65b5045862b375
- SHA512
  
  190a46fec037dd8919d11c6f8f79ec788ffb8594c9a31b4b85ebd6eadc9286eaa56f584bb165e99519afdb782c6b1ff3792a86c9b2e4b7432b336a2bd62a86a5
- SSDEEP
  
  12288:u+2nvZY1DPHyVrn2iS/lcW1vXvhKi4l0BTqEPCPVN4XTA6H9J+FM:u+2nviDPHyVrnqel05ZPC0XFH9d
Score

3^/10
behavioral24 behavioral25
- Target
  
  resources/app.asar.unpacked/node_modules/usb-detection/build/Release/detection.node
- Size
  
  813KB
- MD5
  
  82b32a65634771bab7b4d606665f8e08
- SHA1
  
  bf22141119a83a2c4c5b8a543ee9676a6955d25a
- SHA256
  
  87665be6f26c6913b72152775383be59205510f982f379ee21b3c97a5c145964
- SHA512
  
  132b06b893dfcefa260b422ca607b5ea2f313688084259681176c3d85682fa8a27ee2bdfe4443f3a2c139abadfdcdc67e3c65d3ab19be639a25aa865ba74f801
- SSDEEP
  
  12288:WCMUmtd783v3okk5kf7mu6eRJnTSuESMQCLuMee2a5M0+:H0td783vYkk5O6e3TSSMnS0+
Score

3^/10
behavioral26 behavioral27
- Target
  
  resources/assets/VolumeCtl.exe
- Size
  
  232KB
- MD5
  
  515f8f5c2d3247c7cdab2c5dcd91283d
- SHA1
  
  3e2f72ed18093b2be7c44a87fdd9e7ca4bda83b8
- SHA256
  
  447e4778fc39df97472a5dda5d4941118b8951eed8e3dac4d2924e7c282bf571
- SHA512
  
  55158e949075a8db1fc93065f8f7d518105043e70918af0bde1190f19c5596a1f2e05b9d9b9dac8e3d660161ef9ae047e188bcf24a6dec9c8de50f11f2cd61dc
- SSDEEP
  
  6144:u3dW/anC2Hxhneag3GpAtIZd9TB2SzRy51CMxnIZjdnmML8:CE/2bHeatjd9TB2i21CMRIBxmH
Score

1^/10
behavioral28 behavioral29
- Target
  
  resources/elevate.exe
- Size
  
  130KB
- MD5
  
  4e37d9b435370394589c108bc63f17f8
- SHA1
  
  e2275e58a0a0348c0825e348a3510c57a73c1368
- SHA256
  
  7952c0510cb60296997050034c55b7dfa7356cbf19ed4f6015245b80968c2c02
- SHA512
  
  4fb234052426bd41faa243859ea1c2cf04b98091d6c76a54a4a9e053de013e85770256d45d584499df84bf67cedbfd7f7a8ef1ff9480ca37617eb5356a3c6f60
- SSDEEP
  
  3072:VIbLnrwQoRDtdMMgSXiFJWcIgUVCfRjV/GrWlDxJogx0:2PrwRhte1XsE1l7or
Score

1^/10
behavioral30 behavioral31
- Target
  
  swiftshader/libEGL.dll
- Size
  
  364KB
- MD5
  
  0b1e18f37170dc603ca58f0133a7a4c8
- SHA1
  
  195ad08f616231f3cf0f0e875472f3a6388eb68e
- SHA256
  
  c542e4da82878606e4597b60dd922cf8cb9bc679b5e631b3a197b6ee19a5803f
- SHA512
  
  10f3db94cec3b333d1070f0e0c0976beb963b4ee49d28bdddfc9b1adffa7ed0e645676cea8506087645b375a0e1cb3481ed7e4e287742fb06151890c3c524203
- SSDEEP
  
  6144:v4vgaNrFwjONtiVw4LVxz3jbIHupKDdheV+FE+liVSsI4:v4vgcrWONtiVxQupKJhK
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32