Overview
overview
Score 5/10
Static
static
Score 3/10
vlc-3.0.21-win64.exe
windows7-x64
Score 4/10
vlc-3.0.21-win64.exe
windows10-2004-x64
Score 4/10
$PLUGINSDI...LL.dll
windows7-x64
Score 3/10
$PLUGINSDI...LL.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...em.dll
windows7-x64
Score 3/10
$PLUGINSDI...em.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...gs.dll
windows7-x64
Score 3/10
$PLUGINSDI...gs.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...ec.dll
windows7-x64
Score 3/10
$PLUGINSDI...ec.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...ss.dll
windows7-x64
Score 3/10
$PLUGINSDI...ss.dll
windows10-2004-x64
Score 3/10
NEWS.vbs
windows7-x64
Score 1/10
NEWS.vbs
windows10-2004-x64
Score 1/10
axvlc.dll
windows7-x64
Score 5/10
axvlc.dll
windows10-2004-x64
Score 5/10
libvlc.dll
windows7-x64
Score 1/10
libvlc.dll
windows10-2004-x64
Score 1/10
libvlccore.dll
windows7-x64
Score 1/10
libvlccore.dll
windows10-2004-x64
Score 1/10
lua/http/custom.js
windows7-x64
Score 3/10
lua/http/custom.js
windows10-2004-x64
Score 3/10
lua/http/d...w.html
windows7-x64
Score 3/10
lua/http/d...w.html
windows10-2004-x64
Score 3/10
lua/http/d...w.html
windows7-x64
Score 3/10
lua/http/d...w.html
windows10-2004-x64
Score 3/10
lua/http/d...m.html
windows7-x64
Score 3/10
lua/http/d...m.html
windows10-2004-x64
Score 3/10
lua/http/d...w.html
windows7-x64
Score 3/10
lua/http/d...w.html
windows10-2004-x64
Score 3/10
lua/http/d...w.html
windows7-x64
Score 3/10
lua/http/d...w.html
windows10-2004-x64
Score 3/10
General
-
Target
vlc-3.0.21-win64.exe
-
Size
42.9MB
-
Sample
240809-gysj4a1dpg
-
MD5
a6f92affb6ce711f9f5048410cb4bc32
-
SHA1
80d994fb95087efce34aeb4a98c8f4d7d2a035a6
-
SHA256
9742689a50e96ddc04d80ceff046b28da2beefd617be18166f8c5e715ec60c59
-
SHA512
1a8ff18e29514c48b29fab5ad419b506610c462c09891b4ba6dc0cee550d05eed03bed8d018b9bd61b3d81e1848da7845d53c1b01a508dd87381791541a44f2c
-
SSDEEP
786432:7OvIHtds0udYsBQv3eva1Umww8RZLyP7QL5ojI54qcDhvcOm:2C3/sB0eyyxwXP7QL+jI5UDNcH
Static task
static1
Behavioral task
behavioral1
Sample
vlc-3.0.21-win64.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
vlc-3.0.21-win64.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/LangDLL.dll
Resource
win7-20240705-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/LangDLL.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240704-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240704-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/nsExec.dll
Resource
win7-20240704-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/nsExec.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win7-20240708-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral13
Sample
NEWS.vbs
Resource
win7-20240704-en
Behavioral task
behavioral14
Sample
NEWS.vbs
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
axvlc.dll
Resource
win7-20240705-en
Behavioral task
behavioral16
Sample
axvlc.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral17
Sample
libvlc.dll
Resource
win7-20240705-en
Behavioral task
behavioral18
Sample
libvlc.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral19
Sample
libvlccore.dll
Resource
win7-20240704-en
Behavioral task
behavioral20
Sample
libvlccore.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral21
Sample
lua/http/custom.js
Resource
win7-20240705-en
Behavioral task
behavioral22
Sample
lua/http/custom.js
Resource
win10v2004-20240802-en
Behavioral task
behavioral23
Sample
lua/http/dialogs/batch_window.html
Resource
win7-20240708-en
Behavioral task
behavioral24
Sample
lua/http/dialogs/batch_window.html
Resource
win10v2004-20240802-en
Behavioral task
behavioral25
Sample
lua/http/dialogs/browse_window.html
Resource
win7-20240705-en
Behavioral task
behavioral26
Sample
lua/http/dialogs/browse_window.html
Resource
win10v2004-20240802-en
Behavioral task
behavioral27
Sample
lua/http/dialogs/create_stream.html
Resource
win7-20240704-en
Behavioral task
behavioral28
Sample
lua/http/dialogs/create_stream.html
Resource
win10v2004-20240802-en
Behavioral task
behavioral29
Sample
lua/http/dialogs/equalizer_window.html
Resource
win7-20240704-en
Behavioral task
behavioral30
Sample
lua/http/dialogs/equalizer_window.html
Resource
win10v2004-20240802-en
Behavioral task
behavioral31
Sample
lua/http/dialogs/error_window.html
Resource
win7-20240705-en
Behavioral task
behavioral32
Sample
lua/http/dialogs/error_window.html
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
vlc-3.0.21-win64.exe
-
Size
42.9MB
-
MD5
a6f92affb6ce711f9f5048410cb4bc32
-
SHA1
80d994fb95087efce34aeb4a98c8f4d7d2a035a6
-
SHA256
9742689a50e96ddc04d80ceff046b28da2beefd617be18166f8c5e715ec60c59
-
SHA512
1a8ff18e29514c48b29fab5ad419b506610c462c09891b4ba6dc0cee550d05eed03bed8d018b9bd61b3d81e1848da7845d53c1b01a508dd87381791541a44f2c
-
SSDEEP
786432:7OvIHtds0udYsBQv3eva1Umww8RZLyP7QL5ojI54qcDhvcOm:2C3/sB0eyyxwXP7QL+jI5UDNcH
Score4/10 -
-
-
Target
$PLUGINSDIR/LangDLL.dll
-
Size
8KB
-
MD5
6a4ce8d10efd06369f368898462546e0
-
SHA1
79b9c182afcfddb4687663f287327fb968731c1b
-
SHA256
42c46cde21b03935314697ef444b01d85e319fc443519bde35fec90c8b21fc98
-
SHA512
8a5f1d1bf6fef5ed5b51f41129715bdad0ebabb539c0260b080e567a101db7acdba722a9df5e55527ccdd2bf05a009bfee3c4a3745825c953f3348ef55e61918
-
SSDEEP
96:e0nLo47eYkrGj23kBTPEa8ir2qUuRkNB/RMZCabEe/2/HdNfdpX2N:foZYkrGj20tEEeYkv/RaCw/2/9h2N
Score3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
28KB
-
MD5
4a82832a6209cdc3a2447ab2de137542
-
SHA1
21f334bf90566e3a94a712b68f2cbc32746711d4
-
SHA256
b07a12c5ced6a1ece5e7dc4103f8b3e15bf77f5edb70daef115b9a77bcf55885
-
SHA512
6bceff4d3eba26a84029d09f6e403f3fc0c95a744f4d6bfde22accf480a724a0f38960d848a5255258a6a57d3ec9b384847acf167b485ff67f7161aac04300f0
-
SSDEEP
384:AGEs6MVKQq0DwRiGUaLYuAXLaMoy4m973uwYkv56YPewyy1Eiu8IuFd/9:AGEQKZ2wRiGUcY8TBsdvkdwyyvIs
Score3/10 -
-
-
Target
$PLUGINSDIR/nsDialogs.dll
-
Size
14KB
-
MD5
8b11196dc49c4df98c6f97457c97e590
-
SHA1
7ee6c21506ac68a1ecf36be5d632ee339311d51a
-
SHA256
47a1976b7736371b9b2e073ef0dd49db3bdbe604ec9ee77e50621e5f19d9ae7b
-
SHA512
4c77005b35f9c9c3cd64d5dba178f45ed250974848086e9da283d539add6aa70bb9ec44782f69f115ab87d1d1d723a63698f9b9db817710b52ab836a87e654b7
-
SSDEEP
192:RlWWck581HwPRLG/CocFR1w5nEYkv/RGl5Boi6+6SZSM3CU:mdk5SoRLG/CocFR62Ykv8l5Boi9XyU
Score3/10 -
-
-
Target
$PLUGINSDIR/nsExec.dll
-
Size
10KB
-
MD5
d0ecb311ba0307fea7ef74699fd8dd2e
-
SHA1
5ed7f5f4c9d29363b8aec070aec5b78b68311980
-
SHA256
2790ae9ffc256e0c1b8f9570858920ffa5a224c15939c84ee01918102e1dfd0a
-
SHA512
49177e9c9d110dc639cb15bdf7f154807da1898d9289ce82b753658f56641af03864dfa6727c2a67cd499af8858605de007f46f538ca7119e1e3f73994a23bd0
-
SSDEEP
192:nItx8GSBYnUMu3Oad973Ykv/RGwCzocJ4D4:Ix8GOYnBu3Oad973YkvMwCzocJ
Score3/10 -
-
-
Target
$PLUGINSDIR/nsProcess.dll
-
Size
38KB
-
MD5
391f1b7c2ba6cc753cc300eb0b3c522f
-
SHA1
0395ef1df4e1232ba4d7c1f65a042d84bd9b5a76
-
SHA256
72d4ec8a496c7057f676bb6c0d3ae872f22fa88efe2aaced163ee1f429534dde
-
SHA512
a8ece6215b85a4ba41723dcb3e5a6eecaa74b1b99508c2df47af2ce6d3c0c979012080b202829ac848a09a7687ef0572827e0a9042e2c567563ce6284e9ea29e
-
SSDEEP
768:MbD+fcSYau3E6fCnOOOOOOOOOOOOraSr5YioFENAMxB5YioFENAMxx6:iD+f5uGnOOOOOOOOOOOOrp7oGxv7oGx4
Score3/10 -
-
-
Target
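NEWS.txt (listed as NEWS.vbs in the task list and in behavioral13/behavioral14; the hashes below belong to this target)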
-
Size
214KB
-
MD5
d29d2c41db4100dc1e21c7a29f7bf0d8
-
SHA1
9f08760a492163f20cdab64564553b824841caf3
-
SHA256
310a9ccb2ff5dfc4f9bf7d5e971708b8d7af93d7c864fededfa104a4c97bbc31
-
SHA512
2276d5c6c8751b42943778fedc3c7fca53b45ae44269c3064d3c76741ba2372e7c1f7d03ad7b8158f7685d8bc3c40e2fddfa84df5986163d400c267ddb26b7cc
-
SSDEEP
3072:hGM5mcQklCuGhRfvXcm5G6f5jPUaXLHFNJhYV3:hrCj7D7maXLra3
Score1/10 -
-
-
Target
axvlc.dll
-
Size
1.3MB
-
MD5
76c37511ef2e97250cfb0142a114954f
-
SHA1
23940be6359e9230bdf2121d13ed982a203c19e4
-
SHA256
ee55b5ca4494dae67e5328128587829e1417e732d0f76858b473c834d5306419
-
SHA512
f154ed9bfdc0a8a0cac5e3723c1978f5f21d0ffa1f734c5a64c3c6562c4b0a59722aa0a224cff5ea88bddbfd0789f7118b179f4a25b5badaaf0c78f17ce9a15e
-
SSDEEP
24576:DomQVHuicQOmmdkikBQWUT0lRr1K11piNzz000U000s000G000aiYvgraBj:TeHuicQ5myrBQWUTIeKz5
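Score5/10 -
MITRE ATT&CK technique matched: Event Triggered Execution: Component Object Model Hijacking (T1546.015)
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
Note: the sentence above is the generic ATT&CK description of the technique, not an observation specific to this file. This page does not show which behavior produced the match, so review the registry activity recorded in the axvlc.dll tasks (behavioral15, behavioral16) before treating it as hijacking.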
-
-
-
Target
libvlc.dll
-
Size
189KB
-
MD5
264a9e0194dbd3c0540d67b156ecaaba
-
SHA1
4f1e7609e3ad169550e082fa35d08a7457a528a0
-
SHA256
095d164633af53ac015dcd76540e8523744f57d506db111f19b3fdd9d6180833
-
SHA512
2d1e8a98b8183b76f1b7fe4c8aedae69f903f29cb0e578f82399c5a1e817f479c5e45904f6f1e736b300a9e6d9d33c2caa4b60cb87b0cde3f03321f881c4945c
-
SSDEEP
3072:MM6pRaubfTPeuD6spsr8VERyc8LQWJLyLMBs1sI:MMAHTTGWI0cyczgLyLR
Score1/10 -
-
-
Target
libvlccore.dll
-
Size
2.7MB
-
MD5
c62c3ef5753af6e0980f38eebc196b1c
-
SHA1
fd1d62feaaacb7cad5f952b61a6f7bd60d6dc4e1
-
SHA256
2ddb85b36650f85b5a09724c5b17428b1b1b76bd3e3dd85b643933659d5e333d
-
SHA512
f2338d26b073d8a796a7a19ee290b87b63f30f6cfa62e74d147756d2362898a167784c860d9bc098b1ec1a080aaa0fad25ca8c611b7e8f42ea8195c2b14abdfc
-
SSDEEP
49152:0F0rn/mnSnjfazU2TGlMo1PBAUZLY6sEZGaXBuQQ9eI:0F07L60PBAUZL3W
Score1/10 -
-
-
Target
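lua/http/custom.lua (listed as lua/http/custom.js in the task list and in behavioral21/behavioral22; the hashes below belong to this target)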
-
Size
474B
-
MD5
3327d64fdf86ddcff03c16d22171d834
-
SHA1
a2607d17d684d4b63b967d128172f861d1254b97
-
SHA256
a6623694797e67dc0f22e4f64570825e489d2730676e02db9d6911a04d2cb1ca
-
SHA512
72d32c7b15937f425f7f16d20295d9b4ee9faa76fb96b633b3ee54c3df94566f4eef38fd43e1890cf5e619dd2eb9bf8628c32e50838cdac93ef50b138c2c5fc0
Score3/10 -
-
-
Target
lua/http/dialogs/batch_window.html
-
Size
889B
-
MD5
f32ae14ca9d7673ebb23fc827d78076f
-
SHA1
ff5bff0318296a910740411201cb8a4ca206b608
-
SHA256
5189cdb57f5b2e8c3add7e6c4487f5cf8a018508c612f35c8e1305512f2176e8
-
SHA512
f5e1994188c34753cdc0dc5143dcdf66a86e56b3a040c1f4b67f01fe5d443fa52f05abfdb8717e051284e5697d4a0ac5f46d2ae36b2c518c0d5a96358f5b0f67
Score3/10 -
-
-
Target
lua/http/dialogs/browse_window.html
-
Size
1KB
-
MD5
78f476640b27adfdcfe6e26edf4cc7e6
-
SHA1
414d54995cc46fcf5a12b826df9b8f6f2be21100
-
SHA256
d93c774a7aeb4594f56b37e81838ba03b6855c2bbd91eb8cb803dbd413c5e571
-
SHA512
daeddd3974908fa314d072b37accaf3dc0f3ab694fcd8acde02a77176d54710fc9115c2ab915b3b063fe3ea89308cee9e3fd67da1641735027af74fc6bb8080f
Score3/10 -
-
-
Target
lua/http/dialogs/create_stream.html
-
Size
14KB
-
MD5
c38a93ae302612a55ccf7f11bdb79c37
-
SHA1
f6064e146909323276c6c43410f314666e35b5a4
-
SHA256
fdfc3417223b88d2e8f0421ced4711760ab11a3c18a50dc05b805a0f4f1a5134
-
SHA512
9c38a52c10455ffa179f0bad0d09d50defddad25d850248a4a15ebf5aefbe0165e12ee7eace516ced181362062b7651c9f246c4a1c77a6da867bc8ad978d56be
-
SSDEEP
192:jvlSM2AtdS0E2jSC+J3kuC6qSSSKyf+yO3zy6CGuGek+3LbnAilKyc7aSCWM2kco:jvlIATE2jJAhuDqx3J0vHEF
Score3/10 -
-
-
Target
lua/http/dialogs/equalizer_window.html
-
Size
1KB
-
MD5
06ac4c0cd41f6d82fbf3ac0053567295
-
SHA1
5ddbf4e9f947a42819e00c3b5801ede0839ecf4b
-
SHA256
62cac570011b9b07e0f421612571a1ce663e49dd3b90a16cf31d8855f1adddac
-
SHA512
32ddf815ff7de04562ed71a0f2484770bc03a4730662a35cd93c42f0771742d0ddce1292cc96bea06251c97380291a54e9b89563cf078b36b684b58dcbf7ea72
Score3/10 -
-
-
Target
lua/http/dialogs/error_window.html
-
Size
501B
-
MD5
ad9769b13838d62653857ff47718c6c0
-
SHA1
a4683573d5b43aca9e256d4a45dc5ac46db927ed
-
SHA256
75d1a1ab807cd97801bc37ed547b26c7b357497e82d01221ac064497c9480304
-
SHA512
58a7d9ce56936da79a8f46f0f5c1e465d63ee1b8f68701627ffa00e1c43267899a64a3dfe601bf660bfee66b5ea365a27ba8d68f7d598ab6e3a917b52d6e9fc0
Score3/10 -