50218cd76716ccb1250f1a491cf26c883fdd18cd78b68c385649d3bbcf8c5cb9

Sharing

Copy URL

Twitter E-mail

General

Target

veadotube-mini-win-x64.zip
Size

113.4MB
Sample

240716-d285gawbpb
MD5

8b6539c072695ff375024cd2fae78eb0
SHA1

87daee2721a8b9bca8377d9b44f8af945207341e
SHA256

50218cd76716ccb1250f1a491cf26c883fdd18cd78b68c385649d3bbcf8c5cb9
SHA512

d68fa47e72ab2510be437a67375bf99e5095b279db510e2a3ce72fdc0b9b1d59738862afd7365489aad76152f44045c4fa85e6c3da022130d1b717c84f9cda13
SSDEEP

3145728:XNkEtfXq/aCSuz5L+oL6xX1zkAuRIpSOv9NgfbyxStfD7Yyhe+2Q:XN5q/aCSuzh+66vkAl99Wb3D7b2Q

Score

7^/10

Malware Config

Targets

- Target
  
  lib/freetype.dll
- Size
  
  672KB
- MD5
  
  6ae30af213a471e450c566e8377eacd2
- SHA1
  
  cbae27cbd3323b93e57bc8b6844ef8d2cbb67080
- SHA256
  
  cabb749f16cf301ae2d33876fe14c7df219c574e4d3628c5ce0dcf2bc83a965d
- SHA512
  
  810fe3e6ba85cbb8a47f6150b432129ce94ab149ef8ecd538d4804de719e879d49fd3f7dffc8a83c0e74be661059fc95e55690531e4fbaca5b657fc64401c79e
- SSDEEP
  
  12288:CX65+PTFaMhDlrgwvLPjEszpxL/NIKwd68eOP8qCa6DjbwLKQdfEWmj:CX6MRaMhprg0PwszpxD2Rk8eOP8qCBjr
Score

1^/10
behavioral1 behavioral2
- Target
  
  lib/harfbuzz.dll
- Size
  
  4.3MB
- MD5
  
  0c2866f3ba201f59e3d2ba4861c47aba
- SHA1
  
  5a738568e79ce2c81442a01afc98448901a4b055
- SHA256
  
  5f2303217f5b1a2ac7f40fc1c534fe6298efdc31a831f151b4c10d68c119e11c
- SHA512
  
  a0a9782c30994d0a4587354b97fb9a0c58f833fb2d1a65b856568f5abe6b700671148c42a3a39ab6c5c142c02bfb6995664341514502b6d7020ab0fb3c4c0fd8
- SSDEEP
  
  49152:x+hRyZiTZcK6g5htmuinbPB5rDaRQIdbRSOR9UmTGbtYPT/N9JxENDmpCLs:H02ZiPdfSDms
Score

1^/10
behavioral3 behavioral4
- Target
  
  lib/libglib-2.0-0.dll
- Size
  
  1.4MB
- MD5
  
  5aa5bd73bf50a34ba5da4fc516575459
- SHA1
  
  021fc405ea9cd0486e6244c6906f30446e96a9b0
- SHA256
  
  1c8027b5eda4fcefdfb7f28f5d2c33b3731c273cd161a6a6e435b25c6dde9e8d
- SHA512
  
  11b7881a00fde3259c47c67758d9e9a9776ff95e8ec8539655a8f34153e1b7c8b0a7261e4c2fdb2e52181859d35ee480d6711528a5b266235ca4e9ceb52f765a
- SSDEEP
  
  24576:Ojbp3cn8ldnOwfm0Q9AbxkVxLe0rhC3rSiXkXAHb/ISglYg1xwbdFIvA2+qFSChn:Ojbp3cGdnOwfaabxkVxLe0rg3rLXkwHE
Score

1^/10
behavioral5 behavioral6
- Target
  
  lib/libintl-8.dll
- Size
  
  16KB
- MD5
  
  fa5108475fb143b7d549c9b5d415d810
- SHA1
  
  3c32b945ce1f327a67d912ee1d50417af2804631
- SHA256
  
  9f3a3978cae6d28dc90f59c30b7ec92f2e5f0f037b6ff5670f7784ff42524202
- SHA512
  
  33c6d08221b8a1e2039881c13a1015a23699e93a8e1e8863eb5431af2b589423f39ee7df4d1d249208b2bd4db5ecdd5da0daf46649f37e06536e88335f177439
- SSDEEP
  
  192:V77r9mHz04PjfpqH8PyN5n2rlTR1VebEvvvvvvOvvWgTtS1MMjgw:97r9mT04DpInN5n25BywitQ+w
Score

1^/10
behavioral7 behavioral8
- Target
  
  lib/libpcre2-8.dll
- Size
  
  514KB
- MD5
  
  c2c1855da224f053a5cef9f02cccb295
- SHA1
  
  6fcc1486822d44ffc52b187856d168579a798291
- SHA256
  
  9018c7329166fd7c7313dca3830f90e383d364318fbb9ba515e45606ea922f42
- SHA512
  
  c41ba892ea8ace5de4e74c98557766c43e1587f8b729118e3d9b8ea438d951e93b67176b9876a9de1a211f9570bccbfa7a6c96b00661b105c32865edaf78fc7a
- SSDEEP
  
  3072:XNRsfomw9ARSiaQ7Px29CUGemF7AvmMiipJoohE2Z97BiLDvib104mM6aUU6FNuD:owmw9vidc9CU1oYbDSs
Score

1^/10
behavioral10 behavioral9
- Target
  
  lib/libsharpyuv.dll
- Size
  
  25KB
- MD5
  
  2e1c76a2c66847f98db3041a831823e2
- SHA1
  
  f2861d5169d4e2fb85467f533be0d511d341e082
- SHA256
  
  fe9015622be91d1410683e018496b456003a1745432a879ac8a794f1796d2442
- SHA512
  
  42097d384e6c42b2178c85c60867faa9a9375e91de6d170e9e295bd89ac34a7a7755e872b075f140d4e7ed65dde84775be1dab220346a3db305f6854786ba6b0
- SSDEEP
  
  384:rbkIELC1utJ324VG6aCpHIYybE24Pb1E:8IELCQJ3FVG6aCSbE2yq
Score

1^/10
behavioral11 behavioral12
- Target
  
  lib/libwebp.dll
- Size
  
  488KB
- MD5
  
  ae8dde515e9d702d8352f51320fa5335
- SHA1
  
  24783b1bf52a64b4ff6ee21457ff60b8a1ce4e0a
- SHA256
  
  e83c113028cec88aea8ef170ee76e830b3f33a7774a9430b0f8817c39ba829a6
- SHA512
  
  dba0946bc0d9baf293539f8c8372a04c6c9126dde88a920b2c39d0fbb518b94c417d77c6e97cb1da4f7d943f487790429f6728283cdcc3a88a7a896f9909d75b
- SSDEEP
  
  12288:Sg/7qwJExOhWyf9hnRwXU8MwAhwmLrLrLrLYf7oAC:SCeZKuXUb1umLrLrLrLYfU
Score

1^/10
behavioral13 behavioral14
- Target
  
  lib/libwebpdecoder.dll
- Size
  
  249KB
- MD5
  
  8a714d720f9b808891065cd9f4c2a02c
- SHA1
  
  970fa19e2ecacef44ec07dba164116f0ffbd9ec7
- SHA256
  
  5a9efa35813558be34e0d27d612f9a341055404bb1c63185632fefe83897432f
- SHA512
  
  603e6a7a663ba573a3580f446805ecae11adb15968a453e7079bfcb2720b56caf894f8d5c9158cdf6ec1e0d7699c09872c0cf25c9933cd155b523aa6717de663
- SSDEEP
  
  3072:zDwOaWxKhaL7D4/nYWBRAy1t5fmcVhzEvqtJS8rKlJb4HExWnQlzpM7VuLP3lj99:/wgEaLOnFYcVhO2rAXXe40pAe35
Score

1^/10
behavioral15 behavioral16
- Target
  
  lib/libwebpdemux.dll
- Size
  
  20KB
- MD5
  
  5b8efab17a11e0f1ea345f5d877a79cd
- SHA1
  
  354fecf44bf99f383241efce51896913f6e01d14
- SHA256
  
  a5d8a57a4745b085e36d4e99aa3ce963cf6e326628d86e7447c9c254dd66751a
- SHA512
  
  9d8b07a31e2b150876b9c52d4a80b8be41f11514aabaa9f37405c25c27b3edbaf3a46160b86b92a1bcdfea41670c7162d2dc65d1e47a4cd233601f733a6a540c
- SSDEEP
  
  384:eEWuYlZGFLptnr6Tapxiqav5vUE04MEcqn6SWvwnbN:+flZuHr62R60tEc3SWIJ
Score

1^/10
behavioral17 behavioral18
- Target
  
  lib/onnxruntime.dll
- Size
  
  9.6MB
- MD5
  
  5c2af61dcbd97c24e56aeedfa1419622
- SHA1
  
  b3f190f792c4ce3656db2f51240e0923e3eb63a1
- SHA256
  
  6135d3c08003afb23b7c8997bed44d15d860e9bf8408aaa87e44fc8e4fe2fa48
- SHA512
  
  80d9de16249640b28f528d8a225d21b8cd6b5804273b93a874aec80cd1de6ad0cc62289525f07ae515bd81fcb82e53660ee5a95f1b9aa9238c71566bd987fa21
- SSDEEP
  
  49152:jba71gCj+AnBTwe9VVGaxNnKVL72w9PQ6kIQPyYTjQ0Jd8eZelYCWBEvBGFXK8hl:jWhyYRYpaunU2XD57pZfXjyBP/Ggf
Score

1^/10
behavioral19 behavioral20
- Target
  
  lib/onnxruntime_providers_shared.dll
- Size
  
  22KB
- MD5
  
  7da43eaa9d77e0531e0163fa7d78de69
- SHA1
  
  4220dee4a84d0db69a064ad9edc375345a798645
- SHA256
  
  a08d03fa0f2c4dd21bda9787a7119a5ee1cd0466892e73a8785c2db415d0edf6
- SHA512
  
  9624d4527e22d9b7c6fa95554f83de9128ef617303863c215ad38a7fb84f939c62c5e55f74ca380dfc84d30c199fac3398158ab78046d3633d7cf5b34bfc32fa
- SSDEEP
  
  384:vNw7AmZwde8cTvOJWX5WTXBLHRN7r7R9zt++f:vCsmSejTpiBLrt9zk
Score

1^/10
behavioral21 behavioral22
- Target
  
  lib/ovrlipsync.dll
- Size
  
  38.6MB
- MD5
  
  1e9d063053bba2f3f4e76e4f45b5547d
- SHA1
  
  133407597680064f2a33ddcda8bff630051b8669
- SHA256
  
  f20e7bcb50f1591e1c4fdf5fb16ceda876ec599c1731fd857779b977b4e585b7
- SHA512
  
  4d9fa2db3df9a3cd7845bc3861561a069cc6934bf1e07d024545b61e53a57d635fd415fac6249df9aaf93ba52e3b3e8c304e7239feac6082324bcada9dcb0ae3
- SSDEEP
  
  786432:EWvygu0x+RfE1sdK5sDxtu7qWCCY/9Xccvjy:dvD5ZGWO/Nccv2
Score

1^/10
behavioral23 behavioral24
- Target
  
  lib/spout.dll
- Size
  
  333KB
- MD5
  
  4216cfc81c0ce980eb7b281f51d72308
- SHA1
  
  c4484fde75178b95959ba9d696e9af2c9abbe656
- SHA256
  
  3e7b82bc78cada6c8ad4f22b764716672d041c5e13463cfa0d6709cd36d01c74
- SHA512
  
  16f52eea7684adc856d701aa18db086d47da7fddc25af15f850e5f16674ce147995ab3b6fdef7890d40ee383d1137e56fb9c1d49bb7b3fc0f0b9b1d526b9cd26
- SSDEEP
  
  6144:CoGCcvNzc/U52X6XRs5ak9wuxceq2caxzEd:JGDvWc5fBs5aluj
Score

1^/10
behavioral25 behavioral26
- Target
  
  lib/wren.dll
- Size
  
  70KB
- MD5
  
  31afd4050e2cc390736ee4902580be6b
- SHA1
  
  36912009c3e75a62dffb57617a08b4c631a70b1b
- SHA256
  
  fd5101849cc051cc7706307c3fcd62a802c25d414ad58a12606d3c5b31d93252
- SHA512
  
  f9b408b04147fdf63fb3315883f451f254c625e2e5717f7ed00325c61aa2230d794759ee2c3e4763959dbcfbd2c617ec7e1fd9d9d80f2b882b4f6b7d8a9a4dcd
- SSDEEP
  
  1536:th0CSirt7hr/n+uIgpkIxxog1yymYtOcr+2GI2Le8cWnRMTQk6:tufivbBe02Vn+TT6
Score

1^/10
behavioral27 behavioral28
- Target
  
  veadotube_mini.exe
- Size
  
  79.8MB
- MD5
  
  580c3d911719e4cdec84c165e8701cb1
- SHA1
  
  dc7b3fe78b8a87a27858ffde580ce15a50f1124c
- SHA256
  
  2311794e513fe1ff7b28b010606689ce56defb23861fdc65af02e51039f77e70
- SHA512
  
  bb06729e2cbd59750514532eb48af8fe51903dc8608fa708b26159a05c59129670c0a696d2bac343523d804b41ae7a4c8038a899971b011709bd893086f7dfbc
- SSDEEP
  
  786432:zoRxKrTMpm47/RWyVuen23fRA5nNqYgZxa+8zN41NLiCza:zoRx5pn/RJpnkJ1YNM
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral29 behavioral30

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30