Overview
overview
Score 10/10
Static
static
Score 10/10
setup.exe
windows7-x64
Score 10/10
setup.exe
windows10-2004-x64
Score 10/10
$PLUGINSDI...sh.dll
windows7-x64
Score 3/10
$PLUGINSDI...sh.dll
windows10-2004-x64
Score 3/10
$PLUGINSDIR/Bass.dll
windows7-x64
Score 3/10
$PLUGINSDIR/Bass.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...on.dll
windows7-x64
Score 3/10
$PLUGINSDI...on.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...ns.dll
windows7-x64
Score 3/10
$PLUGINSDI...ns.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...in.dll
windows7-x64
Score 3/10
$PLUGINSDI...in.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...em.dll
windows7-x64
Score 3/10
$PLUGINSDI...em.dll
windows10-2004-x64
Score 3/10
$PLUGINSDIR/bass.dll
windows7-x64
Score 3/10
$PLUGINSDIR/bass.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...ll.exe
windows7-x64
Score 7/10
$PLUGINSDI...ll.exe
windows10-2004-x64
Score 7/10
$PLUGINSDI...ol.dll
windows7-x64
Score 3/10
$PLUGINSDI...ol.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...il.dll
windows7-x64
Score 3/10
$PLUGINSDI...il.dll
windows10-2004-x64
Score 3/10
$PLUGINSDI...ns.dll
windows7-x64
Score 3/10
$PLUGINSDI...ns.dll
windows10-2004-x64
Score 3/10
Elastique.dll
windows7-x64
Score 3/10
Elastique.dll
windows10-2004-x64
Score 3/10
LAMEenc.dll
windows7-x64
Score 3/10
LAMEenc.dll
windows10-2004-x64
Score 3/10
REX Shared...ry.dll
windows7-x64
Score 3/10
REX Shared...ry.dll
windows10-2004-x64
Score 3/10
Reverb.dll
windows7-x64
Score 3/10
Reverb.dll
windows10-2004-x64
Score 3/10
General
-
Target
setup.exe
-
Size
11.7MB
-
Sample
241004-2xjk1svhme
-
MD5
1287223e90507c1ac0bc0b60f1b039e9
-
SHA1
7853f575349907eabb0dcd190fe746eb1c1c8d01
-
SHA256
b13ade9fa58f96d8f03e4e241455c1af226d6b654e2ad48a8ae7d3a61f7ad64d
-
SHA512
b90117cee136da27aefe612c73284a9977fe836ac364afc68d7bb78ca6828efd21b60b2c9ba866a6bcf0479db1c64eef6fe06b4ca0ccb0f2d8a3e3b333361d2e
-
SSDEEP
196608:uRRS34smUEH4IXhxpMzHQCMFGfDQ5jSajl3clBg3j/cWnoCfrR1:uq/fRI9MzaGf0nl3cli3J/
Behavioral task
behavioral1
Sample
setup.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
setup.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/AdvSplash.dll
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/AdvSplash.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/Bass.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/Bass.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/GetVersion.dll
Resource
win7-20240729-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/GetVersion.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/NSIS_SkinCrafter_Plugin.dll
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/NSIS_SkinCrafter_Plugin.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/bass.dll
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/bass.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral17
Sample
$PLUGINSDIR/shareddlls_install.exe
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
$PLUGINSDIR/shareddlls_install.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral19
Sample
$PLUGINSDIR/AccessControl.dll
Resource
win7-20240903-en
Behavioral task
behavioral20
Sample
$PLUGINSDIR/AccessControl.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral21
Sample
$PLUGINSDIR/ILInstallUtil.dll
Resource
win7-20240903-en
Behavioral task
behavioral22
Sample
$PLUGINSDIR/ILInstallUtil.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral23
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral25
Sample
Elastique.dll
Resource
win7-20240729-en
Behavioral task
behavioral26
Sample
Elastique.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral27
Sample
LAMEenc.dll
Resource
win7-20240903-en
Behavioral task
behavioral28
Sample
LAMEenc.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral29
Sample
REX Shared Library.dll
Resource
win7-20240903-en
Behavioral task
behavioral30
Sample
REX Shared Library.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral31
Sample
Reverb.dll
Resource
win7-20240903-en
Behavioral task
behavioral32
Sample
Reverb.dll
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
setup.exe
-
Size
11.7MB
-
MD5
1287223e90507c1ac0bc0b60f1b039e9
-
SHA1
7853f575349907eabb0dcd190fe746eb1c1c8d01
-
SHA256
b13ade9fa58f96d8f03e4e241455c1af226d6b654e2ad48a8ae7d3a61f7ad64d
-
SHA512
b90117cee136da27aefe612c73284a9977fe836ac364afc68d7bb78ca6828efd21b60b2c9ba866a6bcf0479db1c64eef6fe06b4ca0ccb0f2d8a3e3b333361d2e
-
SSDEEP
196608:uRRS34smUEH4IXhxpMzHQCMFGfDQ5jSajl3clBg3j/cWnoCfrR1:uq/fRI9MzaGf0nl3cli3J/
-
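Detects Strela Stealer payload (signature match reported for setup.exe only; the extracted components listed below score 3/10 or 7/10 and none carries this signature, so confirm which content triggered the rule before treating the component hashes as Strela indicators)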
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
-
-
Target
$PLUGINSDIR/AdvSplash.dll
-
Size
6KB
-
MD5
13cc92f90a299f5b2b2f795d0d2e47dc
-
SHA1
aa69ead8520876d232c6ed96021a4825e79f542f
-
SHA256
eb1ca2b3a6e564c32677d0cdc388e26b74ef686e071d7dbca44d0bfa10488feb
-
SHA512
ff4e6e6e7104568fc85ef3a3f0494a5c7822a4ceaf65c584ad534f08f9a472a8d86f0a62f1f86343c61e2540b2254714b7ea43e4b312ff13d8271ff069386fa3
-
SSDEEP
96:6hNSXIcmYjkvTS6MnBNZ1BMjDfhkkEkkXstWpPwoS:JXIpzTSd1BSk/kJtWpP
Score 3/10
-
-
-
Target
$PLUGINSDIR/Bass.dll
-
Size
101KB
-
MD5
a8af308ff01b4477657955fbf0cc8408
-
SHA1
0794c059f0326e4a71be8a3ee4ac17a657d90d88
-
SHA256
14a38f56be50a3829eb1eda2a908da2de5913f81d5cb01d8b668593d0fc36594
-
SHA512
9e221967db95d4b86bf311891193dfd1515806aa0d43198d3bc26a17d77f06f212ab9dba1ca8575f50d224380e8b109529faccf2f56daac834da83a83677a0fd
-
SSDEEP
3072:kR+vccy3LIweO1vFCLPkG9dfSD0BXZXmpw69Qe:S+vccy3hF1vFCT99dTBX5mupe
Score 3/10
-
-
-
Target
$PLUGINSDIR/GetVersion.dll
-
Size
8KB
-
MD5
e013b625f5ae1e2f0b442cf39c0069df
-
SHA1
9ec785b63279144c091366badda65278c4cdee20
-
SHA256
16dd6da98b7e53d374830cd4c644c01b112955f8487a285f34dc0353e9cfac15
-
SHA512
306f7e674d119d129db48012c43f825bffabd078fac8518aea9d514b0787752a2e876bda2ad15df7332bfc8cfba38a0d1be17ee7c58a27e09678fce9aec58418
-
SSDEEP
192:9r/9XGqK7s/AlHdJZBi46AQ5VuNxHA8/1:HXGqM93Bi46AQ5Vujg8/1
Score 3/10
-
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
14KB
-
MD5
325b008aec81e5aaa57096f05d4212b5
-
SHA1
27a2d89747a20305b6518438eff5b9f57f7df5c3
-
SHA256
c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
-
SHA512
18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
-
SSDEEP
192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score 3/10
-
-
-
Target
$PLUGINSDIR/NSIS_SkinCrafter_Plugin.dll
-
Size
5.8MB
-
MD5
028251654a4d65509aa8ccb5f2ee284a
-
SHA1
4a4ad468a86df6b903002be4f8919017fea0c152
-
SHA256
8b25cf3f7aa82fadccb2ce615ce0e40c5a8a3ea7bc51180a92173ee113a0ccfe
-
SHA512
f252670bca0da9e8e2c519a6ef4ad6dd0c4e548aeb7566693a7d203e73e63345fc58683072020ef771d836429bed1d7b4fdf105aa3e62a969e9c8d39556e1d2d
-
SSDEEP
98304:kj0Kg9frmFcqlMZ4vpHfOVlQnzW4Aogn/oXFdAaTZ8GcB7d0s:kjFA7t2RHfYlQZJgTamGcBis
Score 3/10
-
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
c17103ae9072a06da581dec998343fc1
-
SHA1
b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
-
SHA256
dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
-
SHA512
d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
-
SSDEEP
192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score 3/10
-
-
-
Target
$PLUGINSDIR/bass.dll
-
Size
101KB
-
MD5
a8af308ff01b4477657955fbf0cc8408
-
SHA1
0794c059f0326e4a71be8a3ee4ac17a657d90d88
-
SHA256
14a38f56be50a3829eb1eda2a908da2de5913f81d5cb01d8b668593d0fc36594
-
SHA512
9e221967db95d4b86bf311891193dfd1515806aa0d43198d3bc26a17d77f06f212ab9dba1ca8575f50d224380e8b109529faccf2f56daac834da83a83677a0fd
-
SSDEEP
3072:kR+vccy3LIweO1vFCLPkG9dfSD0BXZXmpw69Qe:S+vccy3hF1vFCT99dTBX5mupe
Score 3/10
-
-
-
Target
$PLUGINSDIR/shareddlls_install.exe
-
Size
2.8MB
-
MD5
4fe8ff7f02020ea655944db5541722f3
-
SHA1
b5ff619c215529a4531337eef36167051cded658
-
SHA256
599c63aa0d0496363c7c99217e6c3d941125907cc4ea4c7d5d73c9b54e3deaee
-
SHA512
f4802d00d46c59882a1e1d3b8c0a43fd2ba4b22819d5417ad81cf4522e796176a920f81a6753e8297d49b3b0e60f3e1c27e4fbff2a6cc100d01cd0a39a75b4e3
-
SSDEEP
49152:lNXkhjpZr+L6hsoD/cSjvJafJc3eXIeGixJbsf4GQHwFjPfLtv+W3oZYKwL:lZ2XCGyk/cSrJafogfGiK6QFjXLfuYK6
Score 7/10
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/AccessControl.dll
-
Size
10KB
-
MD5
055f4f9260e07fc83f71877cbb7f4fad
-
SHA1
a245131af1a182de99bd74af9ff1fab17977a72f
-
SHA256
4209588362785b690d08d15cd982b8d1c62c348767ca19114234b21d5df74ddc
-
SHA512
a8e82dc4435ed938f090f43df953ddad9b0075f16218c09890c996299420162d64b1dbfbf613af37769ae796717eec78204dc786b757e8b1d13d423d4ee82e26
-
SSDEEP
192:8SEWBGgiJM4LN+xq56XdNcNz/NWdlJmlyOcROQ:8SEPgii9KTzyt
Score 3/10
-
-
-
Target
$PLUGINSDIR/ILInstallUtil.dll
-
Size
94KB
-
MD5
e331583b908a92193e0be215611c7309
-
SHA1
937106392134173fa3cd640c66ceea5152028e3a
-
SHA256
be44e27e8b1c78a2696451c8afa21412136bea12bc033ff9d0251922b4c97631
-
SHA512
35602924859dd83f23c728446b84e2c89fe4fa83a33842e50e96b7442ab16205ce634643185d13e086253e79685f0fbbb6c474c057b061f566ff763cbbc7d240
-
SSDEEP
1536:1DwwWKYggvaz76xH1Jsc9t6bnWza3RYcJnFGlTxaJZuE/9:9wwWKY567C1ec6bnWza3JFGlTxaHn9
Score 3/10
-
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
14KB
-
MD5
325b008aec81e5aaa57096f05d4212b5
-
SHA1
27a2d89747a20305b6518438eff5b9f57f7df5c3
-
SHA256
c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
-
SHA512
18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
-
SSDEEP
192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score 3/10
-
-
-
Target
Elastique.dll
-
Size
612KB
-
MD5
41c785ad360e246dd075a8b44364ccd0
-
SHA1
790d291e89cb6308b9fbb3ee325eca7ef0dbb086
-
SHA256
905c2cfc6d340035c28f986a136f65efeb202d176a73ec5fbb3dc096eac52cf9
-
SHA512
49ad38c3f13d3cce47c489666385df59ce61e75f4d8ac891684a1ae04597177ad9c2c7d18e0ae5a591ecbe58da06ac43c87304e5ac2a3f26767a990d524efac7
-
SSDEEP
6144:v/P2vBf4YcgYFGbR0y+fvv2/phKYhnfZvVqxzMmdE8g3QNmjsFACzKN/:f+BQYcjcUv2/6YhnfZYRMmdE8EAF
Score 3/10
-
-
-
Target
LAMEenc.dll
-
Size
356KB
-
MD5
2fa01073991cb5cb74415154eb0caae3
-
SHA1
8fa5271fcc9494579c485e3f2b04df7aeb583564
-
SHA256
38059e39a1835cc360c1c080a86a854ca6e203b9bbbeb73e6663be36a07a5c1e
-
SHA512
b7e66604016bcf2e3401058c0b7e951cac46e96d6b2bd14cb02c27ace9795a1e9cf7df956e87835854d78642d7a86dc42ad21568629d120407ac9bfb5311fab9
-
SSDEEP
6144:PGOS3xd20PkjSKiowgn+OIUjws4eu5P4IIa6sh+gzAO+OYFyH:Ohd20PkjPijUOUj24Za6sHxYg
Score 3/10
-
-
-
Target
REX Shared Library.dll
-
Size
228KB
-
MD5
2612524c9ebeffe1dbeeecaff2393269
-
SHA1
00701ee499528abf6be0a1a28da01bc82946e0e0
-
SHA256
7848629cb8293117055423c291bc14c3f0139e68293689c7852a9bbcea3f17f1
-
SHA512
7963ddf31171bc392cbab82e339810a459c8aed19ca983ce5512c77d67dbc979485f436e2b3eba3b8b483cd003f0c3692bd4e400f9455cad8bf14389a66672a7
-
SSDEEP
3072:W1RF1vYoipgZ3RyBKXRXzBB8Tgi9Ag0Fu6OU+mlv2S/S1o5:EFl/b8T19AO6OzS
Score 3/10
-
-
-
Target
Reverb.dll
-
Size
72KB
-
MD5
cd85e0df208a3a9ef6816fa780fc37a4
-
SHA1
242059b49f8a589f3d28df3a495d22bc018849cb
-
SHA256
004dc2bd075fad0a11e7a9a739dfb6e269230a27277e2231ad36baffbd944edd
-
SHA512
8a5dfd93067e1c0a9cf2ec964c73cad744d618dad53b2ee0c0b828d9c102dfae800fa08ef0c901a7a22422f18a84adfd48e289c778713108ea99d6dca6999177
-
SSDEEP
768:SNVX34iCIGDJ+bmGYPfca5VqksJ1Qlo3QMxe47bVB59BNvt1t9gWD:YH4iu1zIjB1Qe3QseyhBjTt97
Score 3/10
-