General
-
Target
9859b96a61b88e8ae36336cca584a82aa0835ccbfb09c6d9cd3fa3531881fb42
-
Size
4.5MB
-
Sample
240626-grflysyfnd
-
MD5
e62546d19f7c6df91b44f1351c4f2a5f
-
SHA1
ca88321c2d9e5d9df333fdc686cc59e5f7637ae3
-
SHA256
9859b96a61b88e8ae36336cca584a82aa0835ccbfb09c6d9cd3fa3531881fb42
-
SHA512
5e8752048dd9d55721902baf5b7a2708fb7ae933ec111e6841e0d6a9c67912d4a2e853fb90d2e2e686f55dc64554b9ebdb85861bedf9478cda47fc441c84f672
-
SSDEEP
98304:4G7Wjpv3KUpAqkguX8AjtfGk2dl1H3XHhvoGH4QF/k8KWPR:4AWjyqRAjoRdlNJbkVWPR
Behavioral task
behavioral1
Sample
ASMTXHCI.sys
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
ASMTXHCI.sys
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
AuditorIISInstall.dll
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
AuditorIISInstall.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
AutomaticSearch.exe
Resource
win7-20240611-en
Behavioral task
behavioral6
Sample
AutomaticSearch.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
GetRank.exe
Resource
win7-20240419-en
Behavioral task
behavioral8
Sample
GetRank.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
Office Tool Plus.exe
Resource
win7-20240611-en
Behavioral task
behavioral10
Sample
Office Tool Plus.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral11
Sample
System.dll
Resource
win7-20240220-en
Behavioral task
behavioral12
Sample
System.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
U3DPlugin.dll
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
U3DPlugin.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
WMWhiteboardSDK.dll
Resource
win7-20240611-en
Behavioral task
behavioral16
Sample
WMWhiteboardSDK.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral17
Sample
chrome.exe
Resource
win7-20240611-en
Behavioral task
behavioral18
Sample
chrome.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral19
Sample
fribidi.dll
Resource
win7-20240611-en
Behavioral task
behavioral20
Sample
fribidi.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral21
Sample
gmp.dll
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
gmp.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral23
Sample
mp3lame.dll
Resource
win7-20240220-en
Behavioral task
behavioral24
Sample
mp3lame.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral25
Sample
theora.dll
Resource
win7-20240221-en
Behavioral task
behavioral26
Sample
theora.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
ASMTXHCI.SYS
-
Size
275KB
-
MD5
268b5e1b8245e8c8fa6a6a9bc436acb5
-
SHA1
357fe142d72244379ecd3940651e48b5f31884f1
-
SHA256
47c8e5738624f60c9922d6c9e28d4c93ca09aa47dbd3a37afe45b99ac5c61b9e
-
SHA512
a11f9d96d08b2b0b4401eb515261b1bfa05c7cf0b65d71981d20afec033b4b0fce728494c3965dfd406714af4a812b7eb5bdf869002adeabad03e90679d4c7f3
-
SSDEEP
6144:KzzKk/zSFjmXWAOfMBzHcOzszzlYqjSnJ+7oZ1q6mh:KzzdSF2tOfcHhszzGvl0h
Score 1/10
-
-
Target
AuditorIISInstall.dll
-
Size
325KB
-
MD5
71155355832180db632abf90a04522e8
-
SHA1
e813b30a3e1ee35f191245b886f267fa98a5ff1f
-
SHA256
18af647c2ccf5a042bbe084f218e945c71817ace043b2b42dea7ded50a7ddf97
-
SHA512
0aba824c6eb8653e06774b262d4b0e8704f37569dffcdf0bd93e2ef3736b4a4a9b6d6682ab246ee2697eacc62029b94f03094ca288e382209aaa0fceab3f8299
-
SSDEEP
6144:DYGslQPWnB2JybPgS4pGffbTBN2lA/qgmHVHHz4oHUEuzYu/aY4n6F9s:YlQunMJyrgBSnB8lAyjzd0/X/aYwia
Score 7/10
-
-
Target
AutomaticSearch.exe
-
Size
376KB
-
MD5
fb35f86d66226c645f98ee826696e900
-
SHA1
13508b5277a891633f90e0cedc689be720f47f6a
-
SHA256
c7755125ed32acde1df18dcf45320e8acdb9d86af9562f79bd354bf62a69d181
-
SHA512
83675788c6b16af2510a52d09b764c860466b821ffa7bbaf050b6f0b9a48339888b471fc767b84bf550030d828686537d140d38fed0d6f02a804877d1203e9a4
-
SSDEEP
6144:4NepssUkYbs8tbysm3I3M952kF/p/uwONct43j92U3hRQHEMEX:4NGMkYVgsm37n9pGHNu4B2U3hRHx
Score 1/10
-
-
Target
GetRank.exe
-
Size
244KB
-
MD5
022c4991926fd27ba38cee13e69e136a
-
SHA1
75b548f9dc876037aec6fda476212b8c24b6da04
-
SHA256
168b1687c09a109055add83c9636248d9c868f4293514312099bc643f2e97324
-
SHA512
5df86ada26a8175a0edb3b5896f962d2e378f27a2a01856230a156851154bbe7a268b4e56fdfd607755db74692916d9151c293ff190be1bf97a746106e59a1a8
-
SSDEEP
6144:WmXRQXA+uOWucUgFP96wxD3frsWTBhwmW5/NwjIJ4I:WmXRQw+uPFP4iDvrsWTfw5G
Score 1/10
-
-
Target
Office Tool Plus.exe
-
Size
1.3MB
-
MD5
756e471ba0a5cd5b7be3da906f850124
-
SHA1
38888cde1bbfef7653f4bf43a61679949d658a43
-
SHA256
f6cc88d0951cee665a083ff2c2589c0f2decb1454a5b2c0a9e3f6874be04a772
-
SHA512
9d77a1fa6dbedc3a09e320425de0f9ac5f3bb5520e0388ef13eb0c7a5086e88927637b39e0a499605aadd231dacf80bd9c9bedc47591804dc793655579d2aaf1
-
SSDEEP
12288:GethJYw1mXmcMciQn0gj6aWlvFdxrfe5seMdgfi/:WKzqyeCgfi/
Score 8/10
Downloads MZ/PE file
-
Checks computer location settings
Looks up the country code configured in the registry, likely a geofence check.
-
Executes dropped EXE
-
-
-
Target
System.dll
-
Size
11KB
-
MD5
c17103ae9072a06da581dec998343fc1
-
SHA1
b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
-
SHA256
dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
-
SHA512
d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
-
SSDEEP
192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score 3/10
-
-
Target
U3DPlugin.pvp
-
Size
4.0MB
-
MD5
ec4ba327c62c3c5367330097496fef00
-
SHA1
2fb77c479aeda6aababa8fe5d579558cc08aa60e
-
SHA256
2624231f837f98fecc26e137c3e0b3c450fb1429388d263802a0b5c2ff66e708
-
SHA512
73109c09cb0deb80baca09c7d369ab71462f1d06982a3c4c98ba5f7eacd6dedad57042d404fc2a8b43a78f6e4c84252ae2cfa46c58675a4f9bf536d8234fda4a
-
SSDEEP
49152:mWz5+lnLDYvStqpj33u0FSS8+NQ78qVNH/XEQ0mtDj/rciFSsTUXl7VHXpgetekC:mWQ8P3u0EINC8C0Q0yzsrqe+
Score 1/10
-
-
Target
WMWhiteboardSDK.dll
-
Size
884KB
-
MD5
78e89130d9f65fbe51bfd631359fb806
-
SHA1
b25e48c8498491db182e69001fae901c15fb2874
-
SHA256
69b6f5cbf02ba24945c083767d8aced62701171e8c0faa608552e0fb783d1821
-
SHA512
56b50eaa87002e6d58a7cc43bb1a53c7f990e47ac509df7bd23a22c76fcf720cf35a463648e8602a05a8cd48224c6c30c110076cee963537a9e3a21d6aa1ca63
-
SSDEEP
12288:egvLyPftkEieqlDrfEmIINywkCqwlt0mqURB1HlP05ZwRhe/ZBJDg:egvLyPriEIcwkpwltBlPkZwOvt
Score 1/10
-
-
Target
chrome.exe
-
Size
2.1MB
-
MD5
1571dc55a0cef6862321697e16a40e42
-
SHA1
3d5043700c14e6963f5c650bf6baeee32fd53aa0
-
SHA256
cfb9b406cb17eb8d5598e40a0a1fdac8c2f3fa23052778a7964aec0e988318c5
-
SHA512
5eda1d4192035b6223849e1910b67b570ed1700a0c7bd59ccc107aa37efed3a2c43b089aec0eebe24f58cbb6cdee4ae190ea695e33e086f065c568f4282837d6
-
SSDEEP
49152:FE5IZuz9ynTP+z8PcMQys6iHdRS50xZ3rLio:m5RynT2z2Qt7HdRS50xZ3
Score 1/10
-
-
Target
fribidi.dll
-
Size
109KB
-
MD5
8bf61bf129fbb4eb55489dfa4afb2083
-
SHA1
5622437a03146039736211bb848a438404e2eb86
-
SHA256
1b4294f20fe366e17d4cb00d1ab45b7a7ca3d6f229746d38f92fa25fb5291e28
-
SHA512
fd68a22fe35937dad01093e1d8841dc45ec06ae5093307f3b4681af66d01707b76b5c724926b0e7f38adfdbc9495941b83b2ff8481e28dfbec28a1f0d88736f6
-
SSDEEP
768:ELk8xmqUWioSxAXJrTLjqO000ydThW5EKeYeV8aYs4+42DJZEoRbSlSeBinyu2hP:EA8tiM57qO000ef4VV2Q
Score 3/10
-
-
Target
gmp.dll
-
Size
295KB
-
MD5
b45635125d0585d54c1ce8167ca8bb7f
-
SHA1
0987c05699b78018d15e8622d5a224572451f179
-
SHA256
fd8593518daa0839b45411096cdd9f126258f5e0909699fee71da2daeb55e5aa
-
SHA512
61e19f45f55d384097429c101c625353dfb68b497d72af05031d0ebd383c040c7987ad0ba21fe6f5e018622a67d25870deee22d752b89d0f80bc530dbea06dfa
-
SSDEEP
6144:j5aqx9yJSVMxKkm6bf4rkeaW1tUHJkD4GXS0:9aeCSVca6f+7aUpDtb
Score 3/10
-
-
Target
mp3lame.dll
-
Size
289KB
-
MD5
f2feabca23c1bd184101c16a8eeb429a
-
SHA1
f0157e924692a878de21135cbe2d76807c3679ac
-
SHA256
fcbd987fa26eba2efd6143edbaaa298cc6850ddae7c84418cf96525afdd9d499
-
SHA512
b9d4b7ad5a6e7b54ed64a405e1464b7833388ec0149737ce6577c1caa9d0ac1f60d4b13da1e1d0ab8e88210e0ef5e7e9f8fb437c8ad93adb176ebafde1f9c213
-
SSDEEP
6144:eB54Vi2wZyflmygk9ecx3r8nEgfICNwJGmWJtrWqQqviQO:erVelmy5Ucx3IIGmWJtrWqhO
Score 1/10
-
-
Target
theora.dll
-
Size
167KB
-
MD5
fcb8b2052112ef1f2d2d227382320b89
-
SHA1
5abce73e0c84fba39bc4d3289d0818be9490a796
-
SHA256
2e1bfee90f9cb52403a584e16bfdf394b1c6092c6f84d695151fd8283a29af7f
-
SHA512
489f4fba90c1890c27fde943e887f3e82407d156bf28cd134603d74be840b17236897dc30b6d88dec93bd7fe9e0982681b4c6aeda18da12cc46ce6264d9d56df
-
SSDEEP
3072:CRbYXHLfeTgZokVjSzT38T/kFyzyd2jI0t+FVbDvsJjTaBnP58zIlA:CW7fZokVj8T38TN+FVbQFECIlA
Score 1/10