Overview
overview: 10/10
Static
static: 3/10
Celemony.M...up.exe (windows7-x64): 10/10
Celemony.M...up.exe (windows10-2004-x64): 10/10
$PLUGINSDI...ns.dll (windows7-x64): 3/10
$PLUGINSDI...ns.dll (windows10-2004-x64): 3/10
$PLUGINSDI...em.dll (windows7-x64): 3/10
$PLUGINSDI...em.dll (windows10-2004-x64): 3/10
$PLUGINSDIR/bass.dll (windows7-x64): 3/10
$PLUGINSDIR/bass.dll (windows10-2004-x64): 3/10
General
-
Target
Celemony.Melodyne.Studio.4.v4.0.4.001-R2R.rar
-
Size
82.5MB
-
Sample
240824-afv4yaxakp
-
MD5
01b488069e2c06d801c8324f08da3f4b
-
SHA1
deda3a73cb8ab648370b7587cf27fed343636f2d
-
SHA256
96db525e17659e726cb2c4e3872e4678a309d067b336c80687ad051383c352c4
-
SHA512
146ac8d4689f54c932a41eb2d5c5eec49c2b5ff33047049f705ac96bead904252482a12aee4d2f04526b651143ed31b1bb0c50c545faee8a51d6f64c88d9b49d
-
SSDEEP
1572864:M2n1DWpbcQb+1hekC/0LQJzBNEcxOrIP/YpUIHdwDVKdj0nnodsYAWbjZb:M2tWNkekDLqNEAAU4wha29sjZb
Static task
static1
Behavioral task
behavioral1
Sample
Celemony.Melodyne.Studio.4.v4.0.4.001-R2R/setup.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
Celemony.Melodyne.Studio.4.v4.0.4.001-R2R/setup.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240704-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240708-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/bass.dll
Resource
win7-20240705-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/bass.dll
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
Celemony.Melodyne.Studio.4.v4.0.4.001-R2R/setup.exe
-
Size
82.5MB
-
MD5
2b408f64508f89f31eea20586050fd85
-
SHA1
8f26ee1f0d9714dbadd99ca6d26751a35dca3dcd
-
SHA256
7c7b22145b0d6b10576d358a3eb903b642b71dcf374cb58d8a372aa23b3e4baa
-
SHA512
cfa073a656dadb8455c6b9ef535858f87c747a42021b23a83596c71220e304ea61bfe4880f7f0df96f88d2ecca22d6d3b7b9a8dfbc01bd620fb9100ffe9b9290
-
SSDEEP
1572864:m2n1DWpbcQb+1hekC/0LQJzBNEcxOrIP/YpUIHdwDVKdj0nnodsYAWbjZk:m2tWNkekDLqNEAAU4wha29sjZk
-
Detects Strela Stealer payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
15KB
-
MD5
89351a0a6a89519c86c5531e20dab9ea
-
SHA1
9e801aaaae9e70d8f7fc52f6f12cedc55e4c8a00
-
SHA256
f530069ef87a1c163c4fd63a3d5b053420ce3d7a98739c70211b4a99f90d6277
-
SHA512
13168fa828b581383e5f64d3b54be357e98d2eb9362b45685e7426ffc2f0696ab432cc8a3f374ce8abd03c096f1662d954877afa886fc4aa74709e6044b75c08
-
SSDEEP
384:/MnT0MKT/Xwr2izZQ86mpAT8F9lN8Ov0J:EQMKzwTFnVX8i0
Score 3/10
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
bf712f32249029466fa86756f5546950
-
SHA1
75ac4dc4808ac148ddd78f6b89a51afbd4091c2e
-
SHA256
7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af
-
SHA512
13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4
-
SSDEEP
192:0N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/Kx:rJoiO8V2upW7vQjS/
Score 3/10
-
-
Target
$PLUGINSDIR/bass.dll
-
Size
107KB
-
MD5
c0b11a7e60f69241ddcb278722ab962f
-
SHA1
ff855961eb5ed8779498915bab3d642044fc9bb1
-
SHA256
a8d979460e970e84eacce36b8a68ae5f6b9cc0fe16e05a6209b4ead52b81b021
-
SHA512
cb040aca6592310bffb72c898b8eb3ca8a46ff2df50212634c637593c58683c8ab62e0188da7aea362e1b063ae5db55cf4bf474295922af0ab94a526465cc472
-
SSDEEP
3072:/T2x0givE7LLCQv6vRoRJrdEQeX0m9JQfrob:/T2Ogt7ag65kNqjJDb
Score 3/10