731ff864aef3e98931b5550125b2ba975ab9df334fbb9f0c026d0ca22c2e1457

Sharing

Copy URL

Twitter E-mail

General

Target

Live2D_Cubism_Setup_5.0.00.exe
Size

144.8MB
Sample

240807-dv7m3azclq
MD5

ccdac6eb7a73e43a633a2f02200c7166
SHA1

fb84f8f9a27d4588aff91e0c99dec1fb92eae02a
SHA256

731ff864aef3e98931b5550125b2ba975ab9df334fbb9f0c026d0ca22c2e1457
SHA512

7289753ab9a69370fed2fbc43a94e39d31e33db4596a081e35f92c3acf7000dbd8e15d4299741c94f15c2e447e78e47db80b55782755cc6ada7597f3e85089b6
SSDEEP

3145728:WqCi5FffffffshIH+tFk4SXRdGcFUDI2LnpjBmU9+3lE:WqCSFffffffqIGFk7hdGTpjBP

Score

5^/10

discovery

Malware Config

Targets

- Target
  
  Live2D_Cubism_Setup_5.0.00.exe
- Size
  
  144.8MB
- MD5
  
  ccdac6eb7a73e43a633a2f02200c7166
- SHA1
  
  fb84f8f9a27d4588aff91e0c99dec1fb92eae02a
- SHA256
  
  731ff864aef3e98931b5550125b2ba975ab9df334fbb9f0c026d0ca22c2e1457
- SHA512
  
  7289753ab9a69370fed2fbc43a94e39d31e33db4596a081e35f92c3acf7000dbd8e15d4299741c94f15c2e447e78e47db80b55782755cc6ada7597f3e85089b6
- SSDEEP
  
  3145728:WqCi5FffffffshIH+tFk4SXRdGcFUDI2LnpjBmU9+3lE:WqCSFffffffqIGFk7hdGTpjBP
Score

4^/10

discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  8cf2ac271d7679b1d68eefc1ae0c5618
- SHA1
  
  7cc1caaa747ee16dc894a600a4256f64fa65a9b8
- SHA256
  
  6950991102462d84fdc0e3b0ae30c95af8c192f77ce3d78e8d54e6b22f7c09ba
- SHA512
  
  ce828fb9ecd7655cc4c974f78f209d3326ba71ced60171a45a437fc3fff3bd0d69a0997adaca29265c7b5419bdea2b17f8cc8ceae1b8ce6b22b7ed9120bb5ad3
- SSDEEP
  
  192:BenY0qWTlt70IAj/lQ0sEWc/wtYbBH2aDybC7y+XB9IwL:B8+Qlt70Fj/lQRY/9VjjlL
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  ec9640b70e07141febbe2cd4cc42510f
- SHA1
  
  64a5e4b90e5fe62aa40e7ac9e16342ed066f0306
- SHA256
  
  c5ba017732597a82f695b084d1aa7fe3b356168cc66105b9392a9c5b06be5188
- SHA512
  
  47605b217313c7fe6ce3e9a65da156a2fba8d91e4ed23731d3c5e432dd048ff5c8f9ae8bb85a6a39e1eac4e1b6a22862aa72d3b1b1c8255858997cdd4db5d1fe
- SSDEEP
  
  192:oRsHeylO012En8pqHtcE0PuAgkOyPIFc:sATI0d8pUP0WAgkBPIFc
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  CubismEditor5.bat
- Size
  
  2KB
- MD5
  
  a284e04b6f1677919fdcdd787deebcd6
- SHA1
  
  6f2c37b186b5b6a55b59a32f77fe879f4c99f231
- SHA256
  
  99e7e3902641ba8580bb44a626587af2c5ee92c585427a5d8477957c26f7eeb7
- SHA512
  
  b40bd03b2f0214bc4c1098688ff967ed17a92729f2c2006f676eef42d4ecf29c62030817723712097591f9a39f250dcfd8a5c5985ac53cead25399c51bbd71b1
Score

1^/10
behavioral7 behavioral8
- Target
  
  CubismEditor5.exe
- Size
  
  75KB
- MD5
  
  59d36e30468ffe30fcbdb1aaa4c2ae66
- SHA1
  
  96cbd794bc50091be943731d568b2cb4aebcd730
- SHA256
  
  2ad7d2f9c5130e796101d1deccb5c3e6e10d6c4c923938cdfc8b25628d3520e3
- SHA512
  
  daed8c6e1048a714bf47c0e693396e438dd0d6720cfc086bff9151e4af00cae0f3f1c108733337185aa01ba99acf3510d154f1632d3b4d14543f1c5834e65e65
- SSDEEP
  
  768:Nftzk3lkAWxvvin6qk41L2vvin6qk41LS2ToFbHcXqGRV1VaXLkjv:NftzmH+Cn6RWSCn6RWzgbiP00
Score

5^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral10 behavioral9
- Target
  
  CubismEditor5_d3d.bat
- Size
  
  2KB
- MD5
  
  c30707aeddfd344d7a6e4ea909cf356f
- SHA1
  
  90f588fc1bc2577d067b5cf85fd2ced4f26db0ff
- SHA256
  
  8555c4590884312d9f44b7a096db81f77e5551fb96f2092749d1b6de246d9cbb
- SHA512
  
  6f1b9494468ece85d0cb1baa75ad81b0a6d528bb46759cffe6cafda21853561a2058e0d24e98104dc40655c31a54673b3028323eee048337c6d156ed3d1c20b3
Score

1^/10
behavioral11 behavioral12
- Target
  
  CubismViewer5.bat
- Size
  
  2KB
- MD5
  
  e0c56c00ef5740aeb450907cd9e38f37
- SHA1
  
  7dfa9e7f5e0a0cb5128ebb5d2336a77895a21ed6
- SHA256
  
  df8289131308915858890b1fbff7c823734eaf8c62523c63c9b1b853e730b00c
- SHA512
  
  0ed665ebd4f912c8a444fe63853e9885286d2810af6c63672f314f46a0c545820a775160f666c79599647693705061f9087a817d39062cd549dc836c83fe3ce1
Score

1^/10
behavioral13 behavioral14
- Target
  
  CubismViewer5.exe
- Size
  
  83KB
- MD5
  
  fc609558bebab8bbd4414d813986a080
- SHA1
  
  54c5538af52f194282b372a69a08d9fcc9fb2a49
- SHA256
  
  17e1c871bfcb967a3fbc0b36f076a8e763839c61dd6e9f6558e4a0efdacc814f
- SHA512
  
  5dd0101bddc71f2e4750d62d8b33d79c3db80c50dc82ae02d438c2535767e5fd956b79884c45c717f6adb70813eed70c2430dd77aa1374fee20b4e4f6e1d4331
- SSDEEP
  
  768:Uftzk3RkAWpMmC921pbtCAvgtxMmC921pbtCAvgt12ToFbHcX5V1VaXLkjW:Uftzmb8BC9QUogtxBC9QUogtggbyP0R
Score

5^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral15 behavioral16
- Target
  
  CubismViewer5_d3d.bat
- Size
  
  2KB
- MD5
  
  950c5f6868b35a54b8328d09d7f336a1
- SHA1
  
  fdd87bc8f820043d6677b78ead593cfa2c76fcd0
- SHA256
  
  ee6fed0410561799564f6fbd416e8ec10edfb707985aa871a50571eb0a3b90cd
- SHA512
  
  4fef9adabab4de190bcb89091e87bb3c73c233c05b90f0d02f1982b6cec165ce643930e38d54c6d8777611e68cee170f8d7ead2ed4c1da6121464d8714f881e7
Score

1^/10
behavioral17 behavioral18
- Target
  
  ProxyConfig.bat
- Size
  
  504B
- MD5
  
  1f3887e3837cab2b3e38ecf661881a71
- SHA1
  
  774ad888d77b9fca4536e830cad8e703ceb1c085
- SHA256
  
  c9b924644749a5e3fc8131443a8ff162278791a7e64e8dd8756625a5a9e2b9e4
- SHA512
  
  cb7634e8bcb6ae5a0dc26628985326f8c1ed99a3a15774570b91b67651c75b7ab0df910fbba8bc9ba5d4d4a20e7b08a3087e21f24d6e6bcd8f5e5d5b9ffd36fd
Score

1^/10
behavioral19 behavioral20
- Target
  
  app/dll64/CubismNatives.dll
- Size
  
  8KB
- MD5
  
  f20f23a70a44fdc307990f8a5a0e688d
- SHA1
  
  1cef90c61bd206fd1954f90caeedc1aa3de1be35
- SHA256
  
  a7db0c2b160c786459eeaf7842d439ad2578c10dc75f354e680dc766f5ab350d
- SHA512
  
  5cc8247aa36526185ff36e209a786e4bbe67a1cf428e9379ccf92b03b58eb705ce2bc646e38742014a83f80c2e571802c194043bd9927ebdf3e44d9d7221f42b
- SSDEEP
  
  96:R2R7nRtdaVJbXjY1U0ePUY1c3GZpQ3X+M7sYXOCuMDCt:RG7n/dQJXk1UbsGc223X+Mw6N5a
Score

1^/10
behavioral21 behavioral22
- Target
  
  app/dll64/Live2DCubismCoreJNI.dll
- Size
  
  110KB
- MD5
  
  8f90d89d3a7e51255b0262cb7c5b69a8
- SHA1
  
  c181fc4154bd66a5fd669b24432503b18fffe55b
- SHA256
  
  a1c9c194c0518756b47538c4164311c235a83ac77ec51b992a7e01e8125c7bca
- SHA512
  
  5999960adfc4933421e3947809e83dea3b244dd689dc406f6b44fd24b22efd2efce7ae1886568729e52814893af3a7cfc09a1a15a6e9f4031d7545f7d7788efe
- SSDEEP
  
  3072:JSA70QQ+eRBO13JqWSLYpFkbBjA4dWZamqELZehP0nO:JSAAQQ9nO12LYpFkWlZamqKZRO
Score

1^/10
behavioral23 behavioral24
- Target
  
  app/dll64/Live2DCubismMotionSyncEngine_CRI.dll
- Size
  
  525KB
- MD5
  
  ba2575ba1e1c500e3b76033c447c5f52
- SHA1
  
  239a88b6c0b77df44627ce04259ef524beb90af1
- SHA256
  
  e279b4f5e05daf9b0dde92e1c3c5c5b8d1b559ddbbe65267fa3b2f5ed77c496d
- SHA512
  
  e84afe4417d720fba7c1d7bed1cc417ac6012e862653b86cf31d23cf95d772a4a2e0e78ac0e959519314f34e4e30510fe43b9d4261cd13bdb8fa780763b4fe1c
- SSDEEP
  
  6144:xDAVvFFfRwOH+CMo0tILU3bThtlRcn0MHqtsdVK+T6Lai++6omz6Fsh5WhzoafQh:0FFf6cMYeR8bHtDeL3AzmF0iohmS
Score

1^/10
behavioral25 behavioral26
- Target
  
  app/dll64/Live2DCubismMotionSyncJNI.dll
- Size
  
  67KB
- MD5
  
  c6f642e2594ac885ae907d1adf5f9c27
- SHA1
  
  0a41303977b4807cd7cd75dfae6f4268f3d60842
- SHA256
  
  b8d7b53e196010dfd74f2167a6d26aad2bdfc6d58e4796093603e87089c61094
- SHA512
  
  a24d58bbae4eab83c97d8ee088158a44a941d6c702c35d6c6c11aaf76f66430c060bc4ebeace84c3b362d3dea199a34b0ac6ee34a8779d46496f4cfc618739d9
- SSDEEP
  
  768:8zF68+AVWFCu4CRJE+6kn7ZUxTqJ/2ToFbHcX/zEFiRa:8ctQW5mSmx+J+gboeio
Score

1^/10
behavioral27 behavioral28
- Target
  
  app/dll64/Live2DCubismPFUtilsJNI.dll
- Size
  
  21KB
- MD5
  
  47f4ae3c4ded692e3d5c6cc657015044
- SHA1
  
  f81c29ebaa1a5973062c31e510c333ede2e960c3
- SHA256
  
  4808d08b6a23e51f18a2aaca449f8b8bb9355a71cdbdbd80c54efbdfe87bbc7f
- SHA512
  
  40165631aaabfa2ce43f2ba47d188b25c401703d87468b255b5af3fa08c6f90ad1a3a31e88293ab8c1309346706c2c2ac8363ada25086813fc614e2cf6368ec8
- SSDEEP
  
  384:UQGTnn3wweMoU/u2WuFRGfFbHcXKcvhzOIWQGV1VF0hXHMGBk7/UMQ3+Bj:UBnt9o12ToFbHcXwIWHV1VaXLkjdj
Score

1^/10
behavioral29 behavioral30
- Target
  
  app/dll64/flatlaf-windows-x86_64.dll
- Size
  
  9KB
- MD5
  
  697d496ac9f5aaab8ae025322358c61e
- SHA1
  
  2043eac8cdcc2e24b854af1eacd77a5f2a395a27
- SHA256
  
  a7273a4cf48ab3413f2c186cc95a3367a73ce99f8d45329383219d4cc27003aa
- SHA512
  
  b6702cd49a3af9f97f697565136f140692af9f8b271e672f2e91c920a23212b778583786f2377078117113647926338614a92c4a2423318b7a21ba2fe3a89838
- SSDEEP
  
  192:C4ZynXsoPX3dGJwNW6UbBMTaSCLGTFyZsRSfP5x35+:C4ZeX9PX3RWzbBMRCmyZsE5xp+
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32