Overview | overview | Score 7/10
Static | static | Score 3/10
DroidCam.S....2.exe | windows10-2004-x64 | Score 6/10
$PLUGINSDI...em.dll | windows10-2004-x64 | Score 3/10
$PLUGINSDI...gs.dll | windows10-2004-x64 | Score 3/10
$PLUGINSDI...ec.dll | windows10-2004-x64 | Score 3/10
DroidCamApp.exe | windows10-2004-x64 | Score 3/10
adb/AdbWinApi.dll | windows10-2004-x64 | Score 3/10
adb/AdbWinUsbApi.dll | windows10-2004-x64 | Score 3/10
adb/adb.exe | windows10-2004-x64 | Score 3/10
lib/DroidC...32.dll | windows10-2004-x64 | Score 3/10
lib/insdrv.exe | windows10-2004-x64 | Score 3/10
plist.dll | windows10-2004-x64 | Score 3/10
usbmuxd.dll | windows10-2004-x64 | Score 3/10
vc_redist.x86.exe | windows10-2004-x64 | Score 7/10
General
-
Target
DroidCam.Setup.6.5.2.exe
-
Size
15.6MB
-
Sample
240801-zspv5awenp
-
MD5
d952d907646a522caf6ec5d00d114ce1
-
SHA1
75ad9bacb60ded431058a50a220e22a35e3d03f7
-
SHA256
f92ad1e92780a039397fd62d04affe97f1a65d04e7a41c9b5da6dd3fd265967e
-
SHA512
3bfaee91d161de09c66ef7a85ad402f180624293cdc13d048edbeec5a3c4ad2bc84d5fde92383feb9b9f2d83e40a3e9ff27e81a32e605513611b6001f284b9fe
-
SSDEEP
393216:oZsfK4YUD12zS7SEOegn4j7BgNE9O+wcDGFdClu8ZLzzpC4:gsfKPUD1kS7249O3cDGvClnlC4
Static task: static1
Behavioral task: behavioral1 | Sample: DroidCam.Setup.6.5.2.exe | Resource: win10v2004-20240730-en
Behavioral task: behavioral2 | Sample: $PLUGINSDIR/System.dll | Resource: win10v2004-20240730-en
Behavioral task: behavioral3 | Sample: $PLUGINSDIR/nsDialogs.dll | Resource: win10v2004-20240730-en
Behavioral task: behavioral4 | Sample: $PLUGINSDIR/nsExec.dll | Resource: win10v2004-20240730-en
Behavioral task: behavioral5 | Sample: DroidCamApp.exe | Resource: win10v2004-20240730-en
Behavioral task: behavioral6 | Sample: adb/AdbWinApi.dll | Resource: win10v2004-20240730-en
Behavioral task: behavioral7 | Sample: adb/AdbWinUsbApi.dll | Resource: win10v2004-20240730-en
Behavioral task: behavioral8 | Sample: adb/adb.exe | Resource: win10v2004-20240730-en
Behavioral task: behavioral9 | Sample: lib/DroidCamFilter32.dll | Resource: win10v2004-20240730-en
Behavioral task: behavioral10 | Sample: lib/insdrv.exe | Resource: win10v2004-20240730-en
Behavioral task: behavioral11 | Sample: plist.dll | Resource: win10v2004-20240730-en
Behavioral task: behavioral12 | Sample: usbmuxd.dll | Resource: win10v2004-20240730-en
Behavioral task: behavioral13 | Sample: vc_redist.x86.exe | Resource: win10v2004-20240730-en
Malware Config
Targets
-
-
Target
DroidCam.Setup.6.5.2.exe
-
Legitimate hosting services abused for malware hosting/C2
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
c9473cb90d79a374b2ba6040ca16e45c
-
SHA1
ab95b54f12796dce57210d65f05124a6ed81234a
-
SHA256
b80a5cba69d1853ed5979b0ca0352437bf368a5cfb86cb4528edadd410e11352
-
SHA512
eafe7d5894622bc21f663bca4dd594392ee0f5b29270b6b56b0187093d6a3a103545464ff6398ad32d2cf15dab79b1f133218ba9ba337ddc01330b5ada804d7b
-
SSDEEP
192:cPtkumJX7zBE2kGwfy9S9VkPsFQ1MZ1c:N7O2k5q9wA1MZa
Score 3/10
-
Target
$PLUGINSDIR/nsDialogs.dll
-
Size
9KB
-
MD5
12465ce89d3853918ed3476d70223226
-
SHA1
4c9f4b8b77a254c2aeace08c78c1cffbb791640d
-
SHA256
5157fe688cca27d348171bd5a8b117de348c0844ca5cb82bc68cbd7d873a3fdc
-
SHA512
20495270bcd0cae3102ffae0a3e783fad5f0218a5e844c767b07a10d2cfab2fab0afb5e07befa531ba466393a3d6255741f89c6def21ec2887234f49adceea2f
-
SSDEEP
96:oOYqZ4zC5RH3cXX1LlYlRowycxM2DjDf3GEst+Nt+jvDYx4L7qndYHnxss:oOYq+CP3uKrpyREs06YxA2dGn
Score 3/10
-
Target
$PLUGINSDIR/nsExec.dll
-
Size
6KB
-
MD5
0a6f707fa22c3f3e5d1abb54b0894ad6
-
SHA1
610cb2c3623199d0d7461fc775297e23cef88c4e
-
SHA256
370e47364561fa501b1300b056fb53fae12b1639fdf5f113275bee03546081c0
-
SHA512
af0c8ca0c892f1b757fbd700061f3d81417dff11d89bdff45e977de81ad51c97862406cf7e230e76cf99497f93f57bf09609740953cd81b0d795465ac2623ea8
-
SSDEEP
96:e97GUxNkO6GR0t9GKKr1Zd8NHYVVHp4dEeY3kRnHdMqqyVgN0u3e:eBXhHR0aTQN4gRHdMqJVgN0N
Score 3/10
-
Target
DroidCamApp.exe
-
Size
942KB
-
MD5
f8c12fc1b20887fdb70c7f02f0d7bfb3
-
SHA1
28d18fd281e17c919f81eda3a2f0d8765f57049f
-
SHA256
082f5c3fd2fd80505cbd4dbdbb7c50e83c2e81f033a04ea53832dbf0a3fc4933
-
SHA512
97c5d158abb119e076ace4b1398de19029b5d44566d9a293811bf7edbb0db120354cc396aed72bf62766799dc5db266d4b2ee7aee3ffc2818d8be77a4665ad2f
-
SSDEEP
24576:D/dq/HzoLl++FWslfFazAbeJGOvSCspptIA:D/dq/HzoLlFzLbtCaIA
Score 3/10
-
Target
adb/AdbWinApi.dll
-
Size
95KB
-
MD5
ed5a809dc0024d83cbab4fb9933d598d
-
SHA1
0bc5a82327f8641d9287101e4cc7041af20bad57
-
SHA256
d60103a5e99bc9888f786ee916f5d6e45493c3247972cb053833803de7e95cf9
-
SHA512
1fdb74ee5912fbdd2c0cba501e998349fecfbef5f4f743c7978c38996aa7e1f38e8ac750f2dc8f84b8094de3dd6fa3f983a29f290b3fa2cdbdaed691748baf17
-
SSDEEP
1536:Jwqdq+3pvspmLh8SCykrpTG7kfGHuNezq02XJqo+iFi1yCP:JwqD3L8Tezq0et+ui1y
Score 3/10
-
Target
adb/AdbWinUsbApi.dll
-
Size
61KB
-
MD5
0e24119daf1909e398fa1850b6112077
-
SHA1
293eedadb3172e756a421790d551e407457e0a8c
-
SHA256
25207c506d29c4e8dceb61b4bd50e8669ba26012988a43fbf26a890b1e60fc97
-
SHA512
9cbb26e555ab40b019a446337db58770b9a0c9c08316ff1e1909c4b6d99c00bd33522d05890870a91b4b581e20c7dce87488ab0d22fc3c4bbdd7e9b38f164b43
-
SSDEEP
1536:l72doFmOiHizFbPlspcsbj5ZsP+YeTs1p:lSSfN9+YeTs1p
Score 3/10
-
Target
adb/adb.exe
-
Size
4.5MB
-
MD5
3cb9f5e6fa7f2b9949f375f7f7ab2586
-
SHA1
340a7e2a5b3ac0c3077b8cf7ab476ce0139c3f47
-
SHA256
634ab9882b5427a245bd139e5b7a2b5d10b24c4b50506257b5404c01882ccc02
-
SHA512
90132034b2076afab6253a17e3792f797fd888d5f1cdc47e399772bfb97de1567cbd0ea2fff253d232c97da2b4446e7ec7a96931a480675f60a338f2f24e8b12
-
SSDEEP
49152:vcTKhBwmtIIt8U731BjvgVkJVBvZyBdcBeqOOYHKi3TuuByiPT5mj4yl264bJlck:vGTUI1U731BjnP4cBeHO9pu+GED/0+
Score 3/10
-
Target
lib/DroidCamFilter32.ax
-
Size
84KB
-
MD5
efe71ae8a02ca59a0855cd649f5e58b8
-
SHA1
0a5ba3257ad82f71890c0fa55a5f7405d0b6b4ac
-
SHA256
ffb22ab7b98ecc98c22cf675bfab61c875127137277e1f66bc3d7269c3b42652
-
SHA512
bad93c560355019f739158d2a25e7643a08cdcb000b378099aa2431ba4d023aa72741e674912d738b0ac6d21e44417f5406eee67f16035f6a783a5226b0d65a4
-
SSDEEP
1536:Jld1X/W0/2LAd2btU5b7ToSWVd1MjYx0EY6uJotlzoOaB2mu0gFfhdtmPv2kXlOZ:J/1Xue2LY2e5b7ToSWV7MjYFuJotlSug
Score 3/10
-
Target
lib/insdrv.exe
-
Size
12KB
-
MD5
b32d29447b5a7a4b8e62f7df5efec272
-
SHA1
4cf32f4a969f62e8c580be3641748b4832397811
-
SHA256
1cd0c2ba5eeaf5519055924f049a4c7feae999126a7c81a16961e486902a1bad
-
SHA512
f26e3e9e9bb3700422843a54a3ef45dcda7073f1af2c36c105f88a6ccead4b4931007341e58f468b4481b676e713c708e3f7aa27360a86599ad7dc01e26b91e6
-
SSDEEP
192:HI4SGHjM9zdjKgOMNhbwi5BlLot6OnTVYy78b55Tl/QJEu7aPHAVIb/K:oVUM9RegOMrbwVtzTNuTKb7aPTu
Score 3/10
-
Target
plist.dll
-
Size
53KB
-
MD5
ab595bc9a0f6f0d00b1f50a7e81ac5fb
-
SHA1
5798394a3863c2eb67d541eac914562d831e769c
-
SHA256
0a1e27ced2f8ce0314353c82f30ee8140fde2e2725c4276390922930aafca773
-
SHA512
ac6607e0da96e11b54f1d4b2a2c918deb1acad021823df2cc9c27b3d9c9556c29db5fe6aec3e9767999e3c0250544196bed47ff047176adf3fece63baccd2480
-
SSDEEP
768:VOjVJ0t2d6Q1rk4G5aN0pn6ZWj+Hgq7yeHT9kyLfPPAVXSC6IHpyU:KeMkRQUj+Hgq7DkyLfHAVXSBII
Score 3/10
-
Target
usbmuxd.dll
-
Size
31KB
-
MD5
b2da89f5aaf0f2b85a4c41f5a7019125
-
SHA1
38bb05d675e12a68bc80ecc819e0e363b673bb05
-
SHA256
333bda59aea7770d4a1f7ab7a320d1b5e904b67f7c710988b5893177924a0d5f
-
SHA512
5c71afe1a8d768c51781dc0b633369e4a47c4068fd7eaea81088a538e57d8421ec021b357ac902dde91f468da5c4cbae7dbcd636434eda215a8a6b948472e641
-
SSDEEP
768:be22XU9oFPG+aFTqsxrPHC1dHmkrQWrJg:S22XYhY15mAtg
Score 3/10
-
Target
vc_redist.x86.exe
-
Size
13.1MB
-
MD5
1a15e6606bac9647e7ad3caa543377cf
-
SHA1
bfb74e498c44d3a103ca3aa2831763fb417134d1
-
SHA256
fdd1e1f0dcae2d0aa0720895eff33b927d13076e64464bb7c7e5843b7667cd14
-
SHA512
e8cb67fc8e0312da3cc98364b96dfa1a63150ab9de60069c4af60c1cf77d440b7dffe630b4784ba07ea9bf146bdbf6ad5282a900ffd6ab7d86433456a752b2fd
-
SSDEEP
393216:S1RPq5dCsKSR65cX7Eyd/qnejOFxP7OEnl4L/Vvc:yP5iw56oyleej2OEnlwc
Score 7/10
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-