b793adade7cd9f14d1e6a9b066257092f45b77e9bfe4ca5d481dbce2638a7dbe | Triage

Sharing

General

Target

VideoPlayToolSetup.exe
Size

36.8MB
Sample

240726-lr9x1stdng
MD5

0afbf523d8a7d9a44b4db03cd215ceca
SHA1

61ca5149df0b5878d7f1071f30081da4023b906d
SHA256

b793adade7cd9f14d1e6a9b066257092f45b77e9bfe4ca5d481dbce2638a7dbe
SHA512

e152887b089a566cd74947447fcaf1f906f13fadd852962f19fe03ffd32b12d9194bf197b0fb659ea560af4cf7e945c5d2794854b05d7e28dc416313e629d699
SSDEEP

786432:2sptTL+Zd/1S2xV5FAokrDwEMz6jSRDISx9+wPLymvT93UPPH1SC:Tk9S2xruiJWiD1g+3UlSC

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  VideoPlayToolSetup.exe
- Size
  
  36.8MB
- MD5
  
  0afbf523d8a7d9a44b4db03cd215ceca
- SHA1
  
  61ca5149df0b5878d7f1071f30081da4023b906d
- SHA256
  
  b793adade7cd9f14d1e6a9b066257092f45b77e9bfe4ca5d481dbce2638a7dbe
- SHA512
  
  e152887b089a566cd74947447fcaf1f906f13fadd852962f19fe03ffd32b12d9194bf197b0fb659ea560af4cf7e945c5d2794854b05d7e28dc416313e629d699
- SSDEEP
  
  786432:2sptTL+Zd/1S2xV5FAokrDwEMz6jSRDISx9+wPLymvT93UPPH1SC:Tk9S2xruiJWiD1g+3UlSC
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  Bin/mksquashfs.exe
- Size
  
  206KB
- MD5
  
  edf3da1790ce2db88ebe110319ae85a6
- SHA1
  
  ded1b11db374f92cd4cbe0f577fd545e91e40ea0
- SHA256
  
  79b915102703b8aab70eaadbf1529c18615a092dc75cd614534e4659a0f0f1f3
- SHA512
  
  962067c1da49568d3444635345a68bfcbddaf6af9778137188868e4077c48192940df540846ac6f1a6ae12670ffaaad8f85b9d7fc60d04a2146d127c74e5f81a
- SSDEEP
  
  3072:5o2zGl1Gh0uUE+4c5T3A9cyxujBmNe+oEb3SU+ouWwIK9cnswZtpyv4mm:5BS3GuwHc5TIujBmdoEqInZugmm
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  Bin/style.ss
- Size
  
  1KB
- MD5
  
  3beb4c2d295511dbbe95f9311c89578b
- SHA1
  
  fb638f3c073ec816bde98f2d129be477eb7d0c33
- SHA256
  
  f5f61c20e3604c73439bdbb4a72ba96c75751ebee2784b1f24501f9a1d783401
- SHA512
  
  30d60429c71719978200ea6e27180a666a6839f2a636fc6db16e5e9df65b022198677f1026788e7432fe32fb63e9dd05706d24ca5316fc33ee3a50d8fe12c657
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  Bin/translations/qt_ar.qm
- Size
  
  156KB
- MD5
  
  257bce0d43476ff6548f7d9d2c3a5809
- SHA1
  
  3d7b581860c381fc5644f739850f4c126f27838d
- SHA256
  
  c14ebfaa0fecb341b43ed2179df9372d27ad20a15bafb9f5403d57838ae1d88a
- SHA512
  
  051c71e4d105b082d169c5b57d2b6cfc093d174a649a0b4d42fd226b808c9fedb51a8ced6d5cb5db7f4fcce29419ec068d473b7ff7b8e15b9f8a82d32b73be00
- SSDEEP
  
  1536:XGlAMfkX1M0RdaCkR8lfv8vtc8EFrVYA2I4AJZWEWgHg1C8COvzLKHC6Jp9NV0V7:XUr0RACkIwDEpV1Lgf16btw3Bb
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  Bin/translations/qt_bg.qm
- Size
  
  161KB
- MD5
  
  660413ad666a6b31a1acf8f216781d6e
- SHA1
  
  654409cdf3f551555957d3dbcf8d6a0d8f03a6c5
- SHA256
  
  e448ac9e3f16c29eb27af3012efe21052daa78fabfb34cd6dff2f69ee3bd3cdb
- SHA512
  
  c6ae4b784c3d302d7ec6b9ce7b27ddaf00713adf233f1246cd0475697a59c84d6a86baa1005283b1f89fcc0835fd131e5cf07b3534b66a0a0aa6ac6356006b8f
- SSDEEP
  
  1536:9ULiyUxPoT6qx+J7FJlaaMJnxjqxq+0Uiff0mbVeb7wiEwYuYqDKBkKHMXHCIMll:9ULpIVFnpwUiEujw27ncUQUz
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  Bin/translations/qt_ca.qm
- Size
  
  205KB
- MD5
  
  1d351670ea821db3bbb5aee0ad186f10
- SHA1
  
  ac0548eb87e7e4a12a604523713e5b08df88fb50
- SHA256
  
  235f502810d5750a47421d3e57620dcae5cfcfd83bc97766ad8b99b75238a544
- SHA512
  
  7a769f0c0858c25ebbbdd25c7308523ed298e35e2b5533981967773cf7d08899d81d05d34d67567bb48fb0de21b3ce9c9d83866ec701dc841f8b430eadb43e29
- SSDEEP
  
  3072:GQKRldlzfzvZfeW+6kXEVjSVPzC3ceKdP2:aff7UW+WjwP2
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  Bin/translations/qt_cs.qm
- Size
  
  170KB
- MD5
  
  c57d0de9d8458a5beb2114e47b0fde47
- SHA1
  
  3a0e777539c51bb65ee76b8e1d8dce4386cbc886
- SHA256
  
  03028b42df5479270371e4c3bdc7df2f56cbbe6dda956a2864ac6f6415861fe8
- SHA512
  
  f7970c132064407752c3d42705376fe04facafd2cfe1021e615182555f7ba82e7970edf5d14359f9d5ca69d4d570aa9ddc46d48ce787cff13d305341a3e4af79
- SSDEEP
  
  3072:5WjuhX0CVRaakGjW9E8SSOQfX/JlwVOMxrboRPqWxXfQvO7zjBf:5iFGj1QfXr8Gd
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  Bin/translations/qt_da.qm
- Size
  
  177KB
- MD5
  
  859ce522a233af31ed8d32822da7755b
- SHA1
  
  70b19b2a6914da7d629f577f8987553713cd5d3f
- SHA256
  
  7d1e5ca3310b54d104c19bf2abd402b38e584e87039a70e153c4a9af74b25c22
- SHA512
  
  f9faa5a19c2fd99ccd03151b7be5dda613e9c69678c028cdf678adb176c23c7de9eb846cf915bc3cc67abd5d62d9cd483a5f47a57d5e6bb2f2053563d62e1ef5
- SSDEEP
  
  3072:XzswP2UvZ5aZ9jFTkmq/gnBNW/+PcWrqm2Vliz0DGdaS4KSLZjwTTgwUR0toT:j3m27AjCT
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  Bin/translations/qt_de.qm
- Size
  
  215KB
- MD5
  
  40760a3456c9c8abe6ea90336af5da01
- SHA1
  
  b249aa1cbf8c2636ce57eb4932d53492e4ce36ac
- SHA256
  
  553c046835db9adef15954fa9a576625366ba8bfd16637038c4bcd28e5ebace1
- SHA512
  
  068e55f39b5250cc937e4b2bd627873132d201d351b9351be703cd9b95d3bafb4bd649cb4df120a976d7c156da679758d952cac5e0523107244e517d323bc0c5
- SSDEEP
  
  3072:7w8go8+ph6JVB8XVXYWpSNEeg8+vaD+p4N8DDiEKugwGZulh15ce4M+4NsPYXCZW:88h8Sj286tTiDD
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  Bin/translations/qt_en.qm
- Size
  
  33B
- MD5
  
  aaea7ba475c961f941d0a23488457beb
- SHA1
  
  2bf0054002c8f7d85dd080df332553bf9b3a8e26
- SHA256
  
  494ac9a2b2cb2fdeced353f4a9f898ed8dcf616e9bc667438c62681e3f7f79cf
- SHA512
  
  5b408c36c8f93f71e73e3d3b1c0c2ad699e92a6088604b8adf8e588e8a75fc3fc92828199b7f00f5b05b224ae819220d07e56d610a76a267594870bec77172be
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  Bin/translations/qt_es.qm
- Size
  
  161KB
- MD5
  
  c7c58a6d683797bfdd3ef676a37e2a40
- SHA1
  
  809e580cdbf2ffda10c77f8be9bac081978c102b
- SHA256
  
  4ffda56ba3bb5414ab0482d1dde64a6f226e3488f6b7f3f11a150e01f53fa4c8
- SHA512
  
  c5aed1a1aa13b8e794c83739b7fddeafd96785655c287993469f39607c8b9b0d2d8d222ecd1c13cf8445e623b195192f64de373a8fb6fe43743baf50e153cda5
- SSDEEP
  
  1536:JVwzuvb+Ta64KQd84arHX5pxiVhA8QlOD/BnFNa8NsvsfFsfcoZtIx6F:JVwSTG4KqVaLX5pEVK7OJFczstgRtIx8
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  Bin/translations/qt_fi.qm
- Size
  
  175KB
- MD5
  
  8472cf0bf6c659177ad45aa9e3a3247c
- SHA1
  
  7b5313cda126bb7863001499fb66fb1b56c255fc
- SHA256
  
  e47fe13713e184d07fa4495dde0c589b0e8f562e91574a3558a9363443a4fa72
- SHA512
  
  de36a1f033bd7a4d6475681edc93cc7b0b5dcb6a7051831f2ee6f397c971b843e1c10b66c4fb2eff2a23dc07433e80fbf7b95e62c5b93e121ab5ad88354d9cb8
- SSDEEP
  
  3072:lvdTgO2Yl97ZWnbgTLt/Tf9IlqAeiy5uWkYGM0wNCdRjSK2YUlUs:lvdkA9vh5uWkY0MK2YXs
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  Bin/translations/qt_fr.qm
- Size
  
  162KB
- MD5
  
  1f41ff5d3a781908a481c07b35998729
- SHA1
  
  ecf3b3156ffe14569ecdf805cf3be12f29681261
- SHA256
  
  edb32a933cef376a2636634e14e2977ced6284e4aa9a4ac7e2292f9ca54c384a
- SHA512
  
  a492e8ac88095a38a13549c18c68e1f61c7054ab9362c2b04c65b93e48e4a07941c8da6950bae79041094623e0ed330ca975110fde8248b4d9380b9f729ad891
- SSDEEP
  
  1536:CLZ1w8McowCppcPwL5pYFw+G00QsbLckCiWxvq+sjs06oFm:C91wxcowspc4L5pUw+cz39CiQ7tloFm
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  Bin/translations/qt_gd.qm
- Size
  
  185KB
- MD5
  
  d512456777500dc13ef834ed528d3704
- SHA1
  
  90a32284052c3fe12c18afec9f7ff56735e2e34b
- SHA256
  
  c515dd2a2e00765b5f651aae124a55d617b24777138019abc5a7001da7417561
- SHA512
  
  babef929ac600c117967b42389623f352d219a466c484ae68ef3c9da9ff61555875ffb0dafc3e5eada6fb43d37f7afe74a6b6c73458a93ffb42819e1068c9a3b
- SSDEEP
  
  1536:SiaI3C87jhakhR0VGkw7ys7CskQH6y4e6IFB4xyMuhvDnJGhFaCo527arBbm07LZ:S2yGjh17yiqxTXhvQoejJd8FUjVgk
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  Bin/translations/qt_he.qm
- Size
  
  135KB
- MD5
  
  26b777c6c94c5aa6e61f949aa889bf74
- SHA1
  
  f78da73388c86d4d5e90d19bb3bd5f895c027f27
- SHA256
  
  4281c421984772665a9d72ab32276cfe1e2a3b0ebe21d4b63c5a4c3ba1f49365
- SHA512
  
  8e02ce06f6de77729aefa24410cbd4bfba2d935ef10dcf071da47bb70d9c5e0969f528bdb3db5cab00e3142d7c573fcf66ea5eb4a2bc557229ad082c0eb1dbcc
- SSDEEP
  
  3072:XSue8FDn3iJsqBejd/zNDSLzdetY2ZISfCPS:XSuem7w7IjdIzUtYAISfCPS
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  Bin/translations/qt_hu.qm
- Size
  
  156KB
- MD5
  
  e9d302a698b9272bda41d6de1d8313fb
- SHA1
  
  bbf35c04177cf290b43f7d2533be44a15d929d02
- SHA256
  
  c61b67bb9d1e84f0ab0792b6518fe055414a68e44d0c7bc7c862773800fa8299
- SHA512
  
  12947b306874cf93aba64bb46fac48179c2d055e770d41af32e50fffb9f0c092f583afcea8b53fe9e238ef9370e9fffbeb581270dfa1a7cb74ebe54d9bff459f
- SSDEEP
  
  3072:BmOMZadV9n51xXeQvjOiIzz7/Vs9Db3ihuJNvMfWxBNlYzYbTrIkfwb03l24cNKu:HkWa5pg0MahBHDd
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32