350f2b7af2310de1eec502397eb73b1e5c909b989294a1e988911c07a8ec616c

Sharing

Copy URL

Twitter E-mail

General

Target

cbsidlm-tr1_11-Free_AVI_MPEG_WMV_MP4_FLV_Video_Joiner-ORG-75290164.exe
Size

569KB
Sample

240705-1h6lkawfpl
MD5

ae4e3e0faf92ccf2e75c7f94cb0f47d2
SHA1

40d202a651fc7c6ae8c6773b0cd3fa8b652bce09
SHA256

350f2b7af2310de1eec502397eb73b1e5c909b989294a1e988911c07a8ec616c
SHA512

82b2306e3a067e93c9e303bc9a3bd6fd79083fcf6cbc07417cd16d6db79fbeec7d47718730541cbbd3719be5c69adffab49ba2511f4e74005a79f1683d119372
SSDEEP

12288:CsY7rZ1FRInAnOd10oNg6+h+cnJq0Vc/BntFre+OaNY:Cdz4dB7+hHq0V0FU

Score

7^/10

Malware Config

Targets

- Target
  
  cbsidlm-tr1_11-Free_AVI_MPEG_WMV_MP4_FLV_Video_Joiner-ORG-75290164.exe
- Size
  
  569KB
- MD5
  
  ae4e3e0faf92ccf2e75c7f94cb0f47d2
- SHA1
  
  40d202a651fc7c6ae8c6773b0cd3fa8b652bce09
- SHA256
  
  350f2b7af2310de1eec502397eb73b1e5c909b989294a1e988911c07a8ec616c
- SHA512
  
  82b2306e3a067e93c9e303bc9a3bd6fd79083fcf6cbc07417cd16d6db79fbeec7d47718730541cbbd3719be5c69adffab49ba2511f4e74005a79f1683d119372
- SSDEEP
  
  12288:CsY7rZ1FRInAnOd10oNg6+h+cnJq0Vc/BntFre+OaNY:Cdz4dB7+hHq0V0FU
Score

7^/10

evasion trojan upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks whether UAC is enabled
  evasion trojan
behavioral1
- Target
  
  $PLUGINSDIR/AdvancedTests.lua
- Size
  
  5KB
- MD5
  
  ba7c804532f4896bff2f0256263f0a49
- SHA1
  
  37e05599c48fdec7ecb7912f6230fc5a954dbcf6
- SHA256
  
  d8dccb8b4e381556835b3b9836294bd8c2c1d7a00420289854f5ee5809659466
- SHA512
  
  060643939fba4aa6d1147c808d44cbaf969ee387f8a713d44721c1759dc732d2861cf67786d1fb6e1fdea563e31c173696b9cd2fca4c6c5a432b618e9d216a6b
- SSDEEP
  
  96:pxueI18hmhvuBlZJUFTMDYGEdnrJIn0wcYPr4pYtu0THcD:pxuk0vgZmFADYGQrw0Xqy4c
Score

3^/10
behavioral2
- Target
  
  $PLUGINSDIR/BrowserControl.lua
- Size
  
  4KB
- MD5
  
  0758c4987fa7e4b0418059b764e8852f
- SHA1
  
  090bc19f211655796b1e7153cf60862fa382e87e
- SHA256
  
  4b28476a7984d6057dec94f19f63a678ea24dae9772d9b371177a6834782dbaf
- SHA512
  
  985e37d47932d9b4c576db3108d893a9a0b04475d026731251bb76e83a28485f9079371a2a79851713e639ad1192e098a503589872c9e5226067c157f41d2a7a
- SSDEEP
  
  96:YcPFcSnAqMP6HAjidEJNMIwLzm1BRjNsWhPEEPNeCmhLCzgtP:YcNcSA7PNMjzYtblV3mc0tP
Score

3^/10

execution
behavioral3
- Target
  
  $PLUGINSDIR/BundleInstall.lua
- Size
  
  10KB
- MD5
  
  9ee5c77f84034100bbe49fd933d27ed1
- SHA1
  
  fdb931a006f8a466ca60cd451e2cd91a93eda430
- SHA256
  
  bc823831af0b57d4cd9736c12beff594eb6b1ee5ef24a96f43b215a111d5ec3a
- SHA512
  
  5f178ddd9a413aab2c365aa1401e8a7ce94733ed5292c6bbf644c9be0870f5ae6b306e60292443695fad1f6a778dcab0ef5c06128a682439e3be3493e372ae80
- SSDEEP
  
  192:wPRXwtq5QCSvwJrhOCYI8LIdz0zSV2Gmvz6p51QC:ayZCMwRhxYI+IdQJGmYgC
Score

3^/10

execution
behavioral4
- Target
  
  $PLUGINSDIR/ButtonEvent.dll
- Size
  
  4KB
- MD5
  
  fad9d09fc0267e8513b8628e767b2604
- SHA1
  
  bea76a7621c07b30ed90bedef4d608a5b9e15300
- SHA256
  
  5d913c6be9c9e13801acc5d78b11d9f3cd42c1b3b3cad8272eb6e1bfb06730c2
- SHA512
  
  b39c5ea8aea0640f5a32a1fc03e8c8382a621c168980b3bc5e2897932878003b2b8ef75b3ad68149c35420d652143e2ef763b6a47d84ec73621017f0273e2805
Score

3^/10
behavioral5
- Target
  
  $PLUGINSDIR/CustomBrandingURL.dll
- Size
  
  5KB
- MD5
  
  e4c1b74859c17671ffe1c0602fd56b44
- SHA1
  
  15ae7d83122a1dc14d79e6c0a2e6565a9ffc12d1
- SHA256
  
  2c33db8babc38e9c824d025b594626dfeee67c5319dc93396239899647f87156
- SHA512
  
  9dda77eaa71371d3e1d068d3740435b5aa3f198818e46ae31e19cab8b084bb131e088241abf1a0f7f78179745a1665a9bf500f97ee25cafc7f85c5a1c234a925
- SSDEEP
  
  48:SMq1qEwUNRYDeKPTeKp4GN8C8hgIV2f4ag5pmy8WywlhQ7sp9CSC2bH:hq1q/QPKSKp4m80i2QGpvwLXLCtGH
Score

3^/10
behavioral6
- Target
  
  $PLUGINSDIR/DownloadThread.lua
- Size
  
  581B
- MD5
  
  ddb7a7f2df70ee831fd397ceebadff47
- SHA1
  
  2e171a5686911b257169c36c59cb6ebf6ca36d2a
- SHA256
  
  5b0a9bd9d3c8aa7dbf084a28f32fd8f2619f324bd65299228dc37ad09e74014b
- SHA512
  
  d2fae93c86c44802ce0baa60e90e18b0b752a443756e6e20206ae2720ab2107dd16c063b5170ccb70c2eb3ae37083e8ff48f694decff065ffe2a5936bf042969
Score

3^/10
behavioral7
- Target
  
  $PLUGINSDIR/Downloads.lua
- Size
  
  9KB
- MD5
  
  c1573fe0e36f3cbc82ca19c76f81fac1
- SHA1
  
  84904ddd3592eb3eed9c62dedfdde45870716aae
- SHA256
  
  68472d9b7aeb69480ef0a85e5e1106132209c09f2f17b964629c92ab52b12b9e
- SHA512
  
  09bbeca379715f2b633df14243c8548602d082f2252c1cc6785e832b3fe88a5617ec105374db45f088436fe7481d3c4828de70ecf334f3173ffc1306ef5b4d69
- SSDEEP
  
  192:ZZTESfvMF2yJWxrpGclIRjQEAeekUrAgYfYpV0xU89bKuL+x31602gE3VJ4o9mrc:ZZTEGkEE4r/WlQEne7rdYfYpaxU89bF/
Score

3^/10

execution
behavioral8
- Target
  
  $PLUGINSDIR/EagerInstall.lua
- Size
  
  3KB
- MD5
  
  7f3d326ed748e16726c1dd3fb254a4bb
- SHA1
  
  200bd24f52fd4d22f533412f3ce3e662eeea59d0
- SHA256
  
  f2e5494bf20dd2de0e83c07a5a87b06bef5ac9748587911682a5aef395950a94
- SHA512
  
  c28db510c4e5daf4fbdb48929527ae381e6d1a8db72ddb9dd172467e3b6ab70b31c37512688d79b681d772882c0f8e3450708227f664f3ae123935ef65208ac1
Score

3^/10

execution
behavioral9
- Target
  
  $PLUGINSDIR/Env.lua
- Size
  
  2KB
- MD5
  
  ac1975abfad71bac76271f4923af0894
- SHA1
  
  59d553a016f3850af52e544f62c4fb567dd0db72
- SHA256
  
  93629c8757f07c280324ae4acdd631df5929a0d2a02fc28d9fe4486c91750110
- SHA512
  
  bb073bc9dcdbb32065e19f7e286f2e5789a06b66580eaf03c313a5ac7008b3d8d379b4d5ec932e4fbbb1b76340eb609146566da1c53e19371307e171d21fcef3
Score

3^/10
behavioral10
- Target
  
  $PLUGINSDIR/Events.lua
- Size
  
  912B
- MD5
  
  5a7269de2a693363b32d3f9e008c53b6
- SHA1
  
  7c4a71a0671933f815046672277dc0e9443503e4
- SHA256
  
  895e6439e002183542b13720976a8e8166718560149f876141bd1827e4238642
- SHA512
  
  306db56fac8c717f8c42056d56d10465f2c2be803135e46549b46747ae34635e027782950e13bd4b511b02254f517a041a4a7d80afc0f9bf49b8e9aba157bb9b
Score

3^/10
behavioral11
- Target
  
  $PLUGINSDIR/IntegratedOffer.lua
- Size
  
  36KB
- MD5
  
  0a2c58fd32c67761c809ebf3e4397371
- SHA1
  
  c5a85a2064c8b51ac466d12de9cb8116fcb8745e
- SHA256
  
  7369a57a7faddb28bfb48600d762a7587dec013952b93c5636c59b01fece82d8
- SHA512
  
  05489b5e9cffc1430cb5251a43bb18a0ebc5b99a3824bacacf58ee4633cc0f40f4765a90a99fc4ac801ce4590b3977b4d268de5a4eb785c1ea920d7c2f35c69c
- SSDEEP
  
  384:tKaRot+qTKWE+/2uIH6nKjwxLWrk62KDwqy8924qy2c:tJoTTE+e36SDrkOvy5c
Score

3^/10
behavioral12
- Target
  
  $PLUGINSDIR/LuaSocket/lua/mime.lua
- Size
  
  2KB
- MD5
  
  4bfdaaab9014fe129bc6388fd5687c8f
- SHA1
  
  2c6ff28245e1dc7ec9ac1c43c3cda354d07b2c4a
- SHA256
  
  e9167e0da842a0b856cbe6a2cf576f2d11bcedb5985e8e4c8c71a73486f6fa5a
- SHA512
  
  3a1a4d838bb5cafe71da262ee7bd6dccbd30dd4d7abe0d04f6ecf96bf704d5e111967be812894a47f2eb3374ee110620b7cc47eebac8b72ddcf7f506ba82a607
Score

3^/10

execution
behavioral13
- Target
  
  $PLUGINSDIR/LuaSocket/lua/socket/ftp.lua
- Size
  
  9KB
- MD5
  
  7309f4294ae4abb4f6ae657b2a98d488
- SHA1
  
  327d143e9f7a1835a58fdaf569a8f7a937fcf2c0
- SHA256
  
  9ba5df91091c46f0ffe0a93ace577a4833c92cbec1742113d0a2da9e568f9a10
- SHA512
  
  a44d2603af63828e8a0b1fbc7455305c616e5bae4a351b429e7e94a6aa7e4d6425f69d57d6a44ba87ee5d29accfc01c1f3ff288652120ff8f08a66543d357895
- SSDEEP
  
  192:GsooRaLonJfMxBs6gZO2zMAcTcGZqxOU6iOeBqzw58GkJ1YtWKpUM7+C26a8RqN:GsRaLonJYszU2zncTHZ7U6iOeBRkfYtW
Score

3^/10

execution
behavioral14
- Target
  
  $PLUGINSDIR/LuaSocket/lua/socket/smtp.lua
- Size
  
  8KB
- MD5
  
  29a883b6fb47f87609d0a5b1973aa45b
- SHA1
  
  6a36815a72d6d7e6c9ac987461e195d17ff979db
- SHA256
  
  04a2bcc6eb8be03803f7ea4c9aa32e6f70f97fdb6b3bc5ecc5e990cc9932ac90
- SHA512
  
  c5c648445ea950d58affbacc8b299f26e80b55c4027195cdc055e7d2ee7e3593a59cb36fba8b8dbb8861603d5a03d9867065052b6a3bfd18590a8bd9dd96aac5
- SSDEEP
  
  192:hsbQbmId+aSnZwS/UjGf1MT+IsZDOD4GuuJQwDTaBrW:MH8jk1MTrsZDODhuuJIi
Score

3^/10
behavioral15
- Target
  
  $PLUGINSDIR/LuaSocket/lua/socket/tp.lua
- Size
  
  3KB
- MD5
  
  2cad406e591cade482c7f16f39c21481
- SHA1
  
  84a3ab88ff7a9102c2c6d21bdb6eede6862167a4
- SHA256
  
  343afa62f69c7c140fbbf02b4ba2f7b2f711b6201bb6671c67a3744394084269
- SHA512
  
  ecc98991c25036b54f2bb71b3229e4bc8fb401e55db0e5f9c958c2a7b00b40fc9ae2d7e45002d4f2a03cec85535785c42ab6d20476fe095a76444d143493b145
Score

3^/10

execution
behavioral16
- Target
  
  $PLUGINSDIR/LuaSocket/lua/socket/url.lua
- Size
  
  10KB
- MD5
  
  8fb662c362da002b833793ea7794fdaf
- SHA1
  
  7afaf1ad22c95690cbb3f55226b617121efc20eb
- SHA256
  
  269526c11dbb25b1b4b13eec4e7577e15de33ca18afa70a2be5f373b771bd1ab
- SHA512
  
  b0b766ac2b5cff879009ad9f74295f7ab0bf8b0628b8aece5597243e0fa96f4a85361728fd8a08eea7d2629dfc5e5d8b6aebca432075ad74c131ad3161a475c7
- SSDEEP
  
  192:zF/d/WjwnQdkUDv7wIECAAA4HaHjCRBxj6AqyQUh/T1htnSDiKbn:zfWjwXUDv7uCAx4HaD+Bxj6AqK/TTsiY
Score

3^/10
behavioral17
- Target
  
  $PLUGINSDIR/LuaSocket/mime/core.dll
- Size
  
  52KB
- MD5
  
  4a4845ba1666907f708c9c10a31ec227
- SHA1
  
  1ebf626adc84147e5114885ce779f92d6eb68f3a
- SHA256
  
  a1ffee9687ab4a23a78b3251888aff09e2896d76f8d16d713367b265f125188d
- SHA512
  
  d009f5e2a2ecfbec5e5e788ade142d612846d0c99921774e4a11b060998dfb0680cf1e1a54604535d5560738093f9ae166866cb23eee5c7d9c4e5cc5a33e7464
- SSDEEP
  
  768:Hk1jtHTV0IuugoXCodH5LjciB9snJ1hTgZNno42L:HkhtHTeroXR3aL0toV
Score

1^/10
behavioral18
- Target
  
  $PLUGINSDIR/LuaSocket/socket/core.dll
- Size
  
  80KB
- MD5
  
  4bf7db111acfa7c28ad36606107b3322
- SHA1
  
  6f20b9f6663ce0c309a2ce60e718d64ffb6c75b3
- SHA256
  
  bfe8445c38ee71240e856f85d79e94123d7179bf43688de0e2a14e32e6ef21b0
- SHA512
  
  0a5e66a65b80e15d8198f2934c58227ae17680f0fbea9865b2f44af82a29c53d4f95cf9616b4dfd75202420eb73b7d962cf2c84fdad6ce26afe1eb4bb978d0b6
- SSDEEP
  
  768:4pOz0XSP1hSt5+5lKfZyDy3TygCk749NRAa1YwqJlfp8iB9jDEu/s5RPOothtlRp:wOws14t5CeTygmNRA0IVh05IoN3
Score

1^/10
behavioral19
- Target
  
  $PLUGINSDIR/LuaXml.lua
- Size
  
  3KB
- MD5
  
  a34eed4e795d1a7f8f26af91994b2785
- SHA1
  
  d950dbd4147b86e246fc19afbc12592aa0ee55b6
- SHA256
  
  6345b8a47f378416cbd31e543410fa5b03c914219ded2a51c2d3c858f281d6cd
- SHA512
  
  0d3d92c6b5053469a2edfff0050672ff847135e5d1d08fb7b353df9690f8edcc32f443733bd0d70061f572e3f220769a64a0820918e4b51cf99d8bed30b4f3e1
Score

3^/10
behavioral20
- Target
  
  $PLUGINSDIR/Sandbox.lua
- Size
  
  7KB
- MD5
  
  0b893d34a9d305bb4fe3094f55b87138
- SHA1
  
  ad666098a43f0561ed3320bfa36eed0e3219e48d
- SHA256
  
  68513e783bf14fea511cfea5b490773593bf4c9bd896129e79210e9aefab105d
- SHA512
  
  cc9e0e552258b726d8398289f2144cab5a32dbb96222c4b8c0af61cf08d59d0f9c94be24f5ce75d921ce954c51facb0364ec1e31b1eba7d37019a89e693e0471
- SSDEEP
  
  192:ewPem+RjQfgKoAqRyoDtZ0ob1Ce1yb2H0drfV2KcEsW:3m7RUfXNpoDtZ0oZCe12druW
Score

3^/10

execution
behavioral21
- Target
  
  $PLUGINSDIR/Scheduler.lua
- Size
  
  6KB
- MD5
  
  c69495c651ee10d6759a663a5db89ae0
- SHA1
  
  442415e4a4dd7fd43b64cfe9c65b26c60dc2c64e
- SHA256
  
  78a299649329767ef594f60a7bada7733f8d2b16d69b4881411a7c827d5d0e80
- SHA512
  
  2450d2a923600efea9072c082f8514bcc85c42c721e8bbe9061ff5cdc58eb81f62ec7f2c63a03b99a05e503e4dd1568ff320820c54aa21fba8094269c4337a89
- SSDEEP
  
  192:n2vH0vW3urRpf/V2MYWT/9wIWlU95szoULFGsExjmhATLDHmDy:nLzfcy9wQbYoULFpCjzDHN
Score

3^/10

execution
behavioral22
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  7e3c808299aa2c405dffa864471ddb7f
- SHA1
  
  b5de7804dd35ed7afd0c3b59d866f1a0749495e0
- SHA256
  
  91c47a9a54a3a8c359e89a8b4e133e6b7296586748ed3e8f4fe566abd6c81ddd
- SHA512
  
  599f61d5270227a68e5c4b8db41b5aa7bc17a4bbe91dd7336b410516fa6107f4f5bf0bbb3f6cc4b2e15b16bf9495fdc70832bab6262046cb136ad18f0c9b3738
- SSDEEP
  
  192:LO6dJA/ruAFEiUdWWE6hsD4YUdJfbub1awgMO:SKAFERdlxhTYUzqZaw
Score

3^/10
behavioral23
- Target
  
  $PLUGINSDIR/customNsWeb.dll
- Size
  
  24KB
- MD5
  
  876f1eb34f5a03a38b3341985012576f
- SHA1
  
  28e61eca2458c82d5320f1b3bf69909d31efe885
- SHA256
  
  260c227997f45056ce666aa8ecf94bc604ba78138af3c25771dc01a8c1bc5a15
- SHA512
  
  00b47b239074b97fa86b690a3172b546278b44899df0d5c084e9bec3165688695bdee3c500e407d961ed0159d0f25e3f6d79b08c7983d2848ae4dc3ce4d36502
- SSDEEP
  
  192:q5uPMQL58fxUZ15Svm2fd5ywsjC9l7Gh3clkD/7tjuXJtt/fvrViEDLkjn01xcPF:qgL5U0HSvFfGx3uFJ/Vijjn0HFI
Score

3^/10
behavioral24
- Target
  
  $PLUGINSDIR/lua51.dll
- Size
  
  160KB
- MD5
  
  13c3a33c1f6e43f38de533fd0b766c98
- SHA1
  
  6b92c3d6694ddc40d9b75853baa51cb2f9f8db13
- SHA256
  
  4158063b0a868431f6430f54c1192bf20e58a43a6d3d03b740e090951e2f4427
- SHA512
  
  d64466c03deec744e7c0bfc23e54ee91a4eff4075fb92ef97c0014bbfb00e0d21731119a3a199fb9cac4a528419e8b8066589eddadb16b445ea298d67b037c15
- SSDEEP
  
  3072:Xav/NW/emSwpvxnXuVUMywUYVtR10JOwmWQ:XaHw/e4b+Vnywn7zwmH
Score

3^/10
behavioral25
- Target
  
  $PLUGINSDIR/luacom.dll
- Size
  
  287KB
- MD5
  
  ed7f7857933b38e5d10daf828e79af19
- SHA1
  
  7f1445f87f7e2256efc33ef56da20c3b23a1e0f9
- SHA256
  
  9dd5218bc2d12f4d07e268bc6ec01d6eefde4b99a07246d0a96d18477d331b5b
- SHA512
  
  ceaf9597d4cb725c4ec8b7af8d1090b38df102b52ca7606a24e9a094fc81f450f93ad22770c905db9115e271fa5fa4f5731caa7b1875e204edb10fb691741715
- SSDEEP
  
  6144:sdCVNGq2AcLGcmiuarKjKekqqBVq2Zq++++o++++++qjZfl8++O+yW+s+W+hZa+u:wCVT2nqciarKjKekqqBVq2Zq++++o+++
Score

3^/10
behavioral26
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  51beaeab1967c58754300c301d689698
- SHA1
  
  0b5bf1e3844d2b7e84eb8ab59893cf00dd555b53
- SHA256
  
  0ef301312fe2eb999b9ba6fa66fd0ba0f4a4c6cc6516e2dc1d56aaea5f1aeaca
- SHA512
  
  7574fb0475edcd3b015eed31dc9e47a8e18397408b397eccc9a50c50e5a2b3e76b4c822873be5a24981e47f848fae076c9addfe16f4f0af2b3e968769cf63f31
- SSDEEP
  
  192:rnAR+lPi8VpAweqU3Mh/8C3Km3P+QcmHSd:rn9lPiezWG8C6m/VPHS
Score

3^/10
behavioral27
- Target
  
  $PLUGINSDIR/nsis7z.dll
- Size
  
  167KB
- MD5
  
  692479f7c07a64a6a632148e382f0e22
- SHA1
  
  cd14982a8e048ae98860db52f042850b63f9f40f
- SHA256
  
  cb195d62df55a939e238063c13c792237501f2297386c11229b1558eea9ddfbb
- SHA512
  
  7ed81c13ea6d3b5fbed778ff0f2b3361399826296711ec7dc019432ecd79a72e7d6e78d5fab144600ec55b46a56c11ff99f0860855522750883d7693ca885809
- SSDEEP
  
  3072:shuC5kBdKlB5Rkg0rQHWjfxTKYaE51GiCySqEMRRQRkM8CQme+5xuPFK:Qq7WHIrLjfxdXREJ/8CgK
Score

3^/10
behavioral28
- Target
  
  $PLUGINSDIR/nsisunz.dll
- Size
  
  40KB
- MD5
  
  5f13dbc378792f23e598079fc1e4422b
- SHA1
  
  5813c05802f15930aa860b8363af2b58426c8adf
- SHA256
  
  6e87ecb7f62039fbb6e7676422d1a5e75a32b90dde6865dcb68ee658ba8df61d
- SHA512
  
  9270635a5294482f49e0292e26d45dd103b85fe27dc163d44531b095c5f9dbde6b904adaf1a888ba3c112a094380394713c796f5195b2566a20f00b42b6578e5
- SSDEEP
  
  384:KExN66Yf2xL5Q4IsjuUjUZfqRDpImexpf88FwHxXvjX3hwlHt6oIfESxSHoOO8n9:O2x64GcVpI3xC8ynToIf1SIOhW4
Score

3^/10
behavioral29
- Target
  
  $PLUGINSDIR/skin/res/common.css
- Size
  
  1KB
- MD5
  
  0fed415d7de81f84954bd4e264e61e4c
- SHA1
  
  a3d6f75a5ca50b3800593fbcd1d667db31e98698
- SHA256
  
  9a110c6977aea3ddb3fc38e59efbd89f0f13e086ca0bc61f4de86c2015a741bb
- SHA512
  
  15fcf206ce21cdef8177b6f4e254dca38b39bc3eab0ba43b342f7f7c70529f387ac8d4984f673146cbc5ca73392563c820f98aede01d507a7e3a9241a15088a6
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral30
- Target
  
  $PLUGINSDIR/skin/res/knockout.js
- Size
  
  166KB
- MD5
  
  e5cee722fd4224a379bb4a6f2af1f12c
- SHA1
  
  319e9e3526bf39c72071df15f4310c652dd0a72a
- SHA256
  
  d77a2c496323dc9fcb6be027f7758611c498f754e3df8b5d91e4a70c058cd98a
- SHA512
  
  87327a9e491afc55f85a821f4305a18c1d47dfb828f3cf3b44b276d987b535bdbaa4668c372e5d3c4c74ef4819a1b784a1faca0fd533be3ce6981f3cabbc6c88
- SSDEEP
  
  3072:Q34wxu/OXJ+PywwA9+blJbQccfuhfC1OeHS1Uyjvz4gauzZ1SOd:QM9+9CPxyI0
Score

3^/10

execution
behavioral31
- Target
  
  $PLUGINSDIR/utils.lua
- Size
  
  40KB
- MD5
  
  3ef03d0de98b2f7e69a512d74d9fff86
- SHA1
  
  38666244540d3106e1e47824bb061f137b5a49ad
- SHA256
  
  08f288987a652cbf124330b5be9f7f11a169076e206cd99136d8ca84c8e6ecbe
- SHA512
  
  3db73f7c4304833ac7f02efa8e8a3b15723d17479c92c71b758d56c3051ef5d75e2edd485dda66cce49dea2390f2fbdf97e9944977e53565444fe52d12881ffd
- SSDEEP
  
  384:kHeaPj8T5B53+NimEQkDvTjh6eLqQxARwLNlRdqNfbl/e4zYPy92:k+ab+5B53+NimEQUTVxFNBqve4zYPyU
Score

3^/10

execution
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

ACProtect 1.3x - 1.4x DLL software

Loads dropped DLL

UPX packed file

Checks whether UAC is enabled

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32