895a6ce7d66afb48d0347e8597c191d19514ed8f6c698555c8e0994a44c847a5

Sharing

Copy URL

Twitter E-mail

General

Target

Microsoft.HEVCVideoExtension_2.1.2191.0_neutral__8wekyb3d8bbwe.AppxBundle
Size

7.3MB
Sample

241005-w37bdatejd
MD5

1060a387d13e4c46c32f6547fb5bdc64
SHA1

5d1a857b98421a89f2f641ec46a0a9c37bff3a10
SHA256

895a6ce7d66afb48d0347e8597c191d19514ed8f6c698555c8e0994a44c847a5
SHA512

605c706468185a99a7d3b671ab3847615931ac308f1b710e83f4228eeaad0fedf60ef3f7186cfbceda870897cabd4deced9edbc00ac689e54175205d81613b4c
SSDEEP

196608:Bda1PlVuBiR4bFuP2/Rxx3kmGMuP2/3x/NkNvGklHF:BI1PlVuBU4bwP26mGPP2ZyNv9lHF

Score

3^/10

discovery

Malware Config

Targets

- Target
  
  Microsoft.HEVCVideoExtension_8wekyb3d8bbwe.arm64.appx
- Size
  
  3.6MB
- MD5
  
  f24a521817b826ab7f5fb801e4d4f346
- SHA1
  
  878e6132ec3977949a583a4ee406f297c42212bc
- SHA256
  
  569ab80728b15d2807fa0292f4c47de9332a125268695ab7721b8e53d27aa745
- SHA512
  
  cb46334817031ceeb3b3c831fbf5ae69e34979ec03d71963249447680c3a3a2456aea0a1c6fcc65ec9ab4e74eecbed01311d92cccf23286c03c1be13c08c6e61
- SSDEEP
  
  98304:fdaTBzLlVuyKZiRyY4dNTwSuP2/RexgxMuFjKw+TUXi:fda1PlVuBiR4bFuP2/Rxx3kmi
Score

1^/10
behavioral1 behavioral2
- Target
  
  arm64/HEVCDECODER_STORE.dll
- Size
  
  1.4MB
- MD5
  
  f0d8cde4db477fb28e6aea87f4698925
- SHA1
  
  a595afb51101fefaa97393615749036d52826e1f
- SHA256
  
  47fd7da5d98c478bc3bb8109d9c8b048a30ffb933356fdac4c57ec7e3c69c49b
- SHA512
  
  e212d4774b25fc92e60c33a5ff353cc564b0ba3e155ce0bb3e9a5b53fc1f5889a218fff8385bcb065d66051217b7923412f9296aa7e0f4e97563346c9889dc4b
- SSDEEP
  
  24576:/gnMQ3Hkt7azL81Rt0sAR24tI1zSycaAkIHl+qdzTDEaRChIBbZCC:4nMza38rcka2IbZX
Score

1^/10
behavioral3 behavioral4
- Target
  
  arm64/mfH265Enc.dll
- Size
  
  1.5MB
- MD5
  
  b84609d9a537338e6bbdf395287e71b1
- SHA1
  
  15afa82f9b15fd8eadfedc1b0471f65024680283
- SHA256
  
  bd259692d1952b8f4e6d87de31217cb14da49588f99524b33e00a918bb9f4014
- SHA512
  
  13fd13a01b671c569a2ec787eac0cdd3b8cfbd67f2917686667b230cbde4fb7ec2ba3c76dfca7841174273198bf4b1731068402e7491fd4fa187ffab52e24d60
- SSDEEP
  
  24576:LFbb0vA+VNk7Hrpwy4LfzxvGg0rWXAJ1gVK21oju5b+gGjNGcGq:LFbb0vFBy4LfzX0mJ1oju5bDYNTh
Score

1^/10
behavioral5 behavioral6
- Target
  
  x64/HEVCDECODER_STORE.dll
- Size
  
  1.6MB
- MD5
  
  f6ade24aa3367ce5f8f216353cfaac37
- SHA1
  
  f66811e9f1322f60c9e7c433f404e4ed8f2ddc6f
- SHA256
  
  849581c2784f5b9bcde924bbff6eb77a63b93f3a2a9728bdddf587a6513df160
- SHA512
  
  2a6c81e74b8c0ff8a7e0b009acf65a19677b5d01f03e54d9255f2a5433bd86a05e686929e4be0244b1d20e69170d69c4dac1a967d9d5f11122df8c8f1a92fd81
- SSDEEP
  
  24576:4NebgTdf8WvhxSpSXvMS2XT9TtCzD3uNijHyYIdUCutkH7hlcnpRT6QbwUpfiao:4oGBhzXvMSoT9TgKVYIBhlcnpRWQbbC
Score

1^/10
behavioral7
- Target
  
  x64/mfH265Enc.dll
- Size
  
  1010KB
- MD5
  
  06bb72142c6a96f3373892e98d5a3f62
- SHA1
  
  d64eee1b291ec9edf9107e896ae13420edc1be54
- SHA256
  
  264c3cb6710577e4ceff75e67e4f6bb95f443c948d5dc30158097d264aaf487a
- SHA512
  
  4c9ca4946c05e5093f682717b75529fbfafd20815ce7ace482a27ee383e98a8b9d0d8b157074d0d5e3420b2573272571f17446840e2c4299d8513bebec7d338f
- SSDEEP
  
  24576:Mq8GZxQrLfJ+DYWvuL/gf0Caz1AjYHNb+:FjQrsDBCgfG1AjsNb+
Score

1^/10
behavioral8
- Target
  
  x86/HEVCDECODER_STORE.dll
- Size
  
  1.3MB
- MD5
  
  f6e59ac8cfa6a202e82e2e2dd0b130b7
- SHA1
  
  959fe005f9e5f5d912c3797e52bfff5e85648004
- SHA256
  
  ebf5cf63acf516c026b4fee5a0bd758bb43dad31ba1f48fbc4c9a3633e9c68e9
- SHA512
  
  e7a8eab638eb6819caa2391b785a252153780cf1e3c6fe8ba27d2662030f8c23eefd5250abdbc4a0057115a5292731646ff1cf29a9ba9a052890339ca189c74e
- SSDEEP
  
  24576:VbWYLgrl7inSX5T1jIF18m+e7ZMkOv5G3KTW6XpI:Vb/gBXeqmV5OGaTW6XpI
Score

3^/10

discovery
behavioral9
- Target
  
  x86/mfH265Enc.dll
- Size
  
  973KB
- MD5
  
  2509592e7a9a169217c6d6b2f9338878
- SHA1
  
  563f7d318cd9abffa6f08ed89bd36625703201af
- SHA256
  
  5b78bb06a5994ba4a8b16a17f1976cf74dac6e1f3e774c36bb43c3aaa3edc1dd
- SHA512
  
  5d83ca1eec8a6a54fb00db622ac38137e863507888ab9bf0573b10344fc40eb0a099c84328a6e37ff738970d67cc724aca027ffb5e12af35121f89b0d26f45a4
- SSDEEP
  
  24576:eQ11gjX/QVpl7gG8geREGQihZ41GvQiAKhr0Iem+aJy4uEfW4gJtIV1boMssnJ7Q:eK1gjXa7gG8geREYAg76m+azu4WjJtIY
Score

3^/10

discovery
behavioral10
- Target
  
  Microsoft.HEVCVideoExtension_8wekyb3d8bbwe.x64.appx
- Size
  
  2.4MB
- MD5
  
  514622397511a4e436a3a2a1cf11976a
- SHA1
  
  3fe319420619cca179915c90fb284db340cb30c0
- SHA256
  
  6513eb4130f3538f4ba95426fcb397cae1bdf75ca584a8e109a67b28d8cb34e1
- SHA512
  
  9649e17a7591964df00f5edaac2582170cb6bcb03a3676f4a82a82a80f1b0946c61a7e1ffb23e1b0bac10b75c236fb77c589d8ea9f982c33d6b00f901d62e732
- SSDEEP
  
  49152:MTB1hYiEuZJ2/4FPgHRMuZtjKo/+6XKEt7nxiXKIA:MTXhSuP2/4xgxMuZtjKw+oUXvA
Score

1^/10
behavioral11 behavioral12
- Target
  
  x64/HEVCDECODER_STORE.dll
- Size
  
  1.6MB
- MD5
  
  c0d365ecee249f45b5fdd79385a53414
- SHA1
  
  c58e793db21608fbf8bc9d179c12aad3984ad8b0
- SHA256
  
  2aaf920dc87eda6c0f4e78e2839a5d25e9e6b984941c4c669322f0e763e6b6b6
- SHA512
  
  bba1d6601355a5f51005a07696dcd9d76593ed49e76580db372b8c227678ce17a4e66c58578c4dc7b59dbcf99b856adb644232c847da4a54a70a2e3b5973b69e
- SSDEEP
  
  24576:2NebgTdf8WvhxSpSXvMS2XT9TtCzD3uNijHyYIdUCutkH7hlcnpRT6QbwUpfiaq:2oGBhzXvMSoT9TgKVYIBhlcnpRWQbbA
Score

1^/10
behavioral13
- Target
  
  x64/mfH265Enc.dll
- Size
  
  1010KB
- MD5
  
  8a4aad1119ebf50392ac366478d12abf
- SHA1
  
  d45cb1b4d3cba14aedac8b9612bc40b779e6a186
- SHA256
  
  e1fd470b6dea88310e0634b959d460ed4fc2eea8c83e4dfa9a54c89c0a0e121c
- SHA512
  
  29f7bc9d9c45a8ddd218c7af7a5655a3fb4affd97fa6373de113e87534c552edd63524a4d49619ed7323a413e33c5a4138bc102dbffe43218c3d9f955166f7e2
- SSDEEP
  
  24576:Qq8GZxQrLfJ+DYWvuL/gf0Caz1AjYHNbI:JjQrsDBCgfG1AjsNbI
Score

1^/10
behavioral14
- Target
  
  x86/HEVCDECODER_STORE.dll
- Size
  
  1.3MB
- MD5
  
  a53f99fa01dd76d201af34238e48d67d
- SHA1
  
  243375a9d26a156cdc27c9f96639e1bcd8007e83
- SHA256
  
  71832f8583f5e36f78a0d6ac24fe22587e44344f462040794af7296741c89c54
- SHA512
  
  2358242345cf286193660d1c04c871c55cc482a0a4b3c5b5f6b1beccbe087783022c1aa80ed0858d4c22afbd7beae6a2366e1adb4e359bf3b9deaad9df2b2c22
- SSDEEP
  
  24576:XbWYLgrl7inSX5T1jIF18m+e7ZMkOv5G3KTWaN+:Xb/gBXeqmV5OGaTWaN+
Score

3^/10

discovery
behavioral15
- Target
  
  x86/mfH265Enc.dll
- Size
  
  973KB
- MD5
  
  a0aa2f7eef6512530c07494bb1ad5d6a
- SHA1
  
  6dc9706bb21f6206db1b5489cea45335e672c5ec
- SHA256
  
  42bd89a668a8986418119cf3632fc8538ea97d87d40f9789265f4a506db386e7
- SHA512
  
  4cc4e92ea92a2eeb6d50ffa6b7ac58ca135fda1662a2aba4facdc88adb16616b89b2a2ea1d8f6d85179f33faf0a98477a617043a99c4ee0455b5cf42a906dc6e
- SSDEEP
  
  24576:jX11gjX/QVpl7gG8geREGQihZ41GvQiAKhr0Iem+aJy4uEfW4gJtIV1boMssdJtx:jF1gjXa7gG8geREYAg76m+azu4WjJtIP
Score

3^/10

discovery
behavioral16
- Target
  
  Microsoft.HEVCVideoExtension_8wekyb3d8bbwe.x86.appx
- Size
  
  1.3MB
- MD5
  
  d0f176b2f9dc4edb978ea2513259e64e
- SHA1
  
  9889f68d565788cca7c26706262afbb22c716062
- SHA256
  
  5645773f3c485c4b7fffa7b29eb827fb6c71e1a9cbdcf770cd9f70e4c504095b
- SHA512
  
  cd440ea786ca9a9ee31f9065562e68783aa14ad40510c0da8dccf622e374a3cc5080bc24af2d332f996d9ddc2af7fb751d90c28236953a156b9bc276e59392e6
- SSDEEP
  
  24576:obKkO6Ki1mLK9IR/+x45JvBUVx17GtvFhxEGTPw7z94KMOxz:5kEjKo/+6XKji9nxiXKe1
Score

1^/10
behavioral17 behavioral18
- Target
  
  x86/HEVCDECODER_STORE.dll
- Size
  
  1.3MB
- MD5
  
  331a01db099e1221b49451d52d57fa6c
- SHA1
  
  4223a528252a388593f5ff0c68a744abf8ccee66
- SHA256
  
  75ef3076acf7f987fee558632b6617a932d998cc30e42b21ced5ab9db3a30fbd
- SHA512
  
  7b5c7db1188be79915c8b768d498d902b3c77d25a10964fcfcc6ee4631992cca21c58183f212fdd1bf8c1b713a9b907ff2d289577ab0ac4fcda85d898ca8f859
- SSDEEP
  
  24576:AbWYLgrl7inSX5T1jIF18m+e7ZMkOv5G3KTWz3oF:Ab/gBXeqmV5OGaTWz3oF
Score

3^/10

discovery
behavioral19
- Target
  
  x86/mfH265Enc.dll
- Size
  
  973KB
- MD5
  
  2fcadec5949b8960adc0c4d7f544edb8
- SHA1
  
  4bba25268ac0f67a9fc23554d0e2284f239df66b
- SHA256
  
  b7d6d277a1883cac93075e0d8ef1045a84d350234fb4da29b6bf074a5ddb2a55
- SHA512
  
  7db871b53336b9da53bfdc5c3a3744932b1ad9f572e38d97d760c591b7d6dfaaef75bcd5611e1bc7ab07fea548ee0200f3709bea93be4af8feef7b01f6dda56a
- SSDEEP
  
  24576:9X11gjX/QVpl7gG8geREGQihZ41GvQiAKhr0Iem+aJy4uEfW4gJtIV1boMssjJyJ:9F1gjXa7gG8geREYAg76m+azu4WjJtIW
Score

3^/10

discovery
behavioral20

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20