Overview
General
-
Target
main.zip
-
Size
20.1MB
-
Sample
241029-1rppea1ark
-
MD5
32672d2c0e42c11b9c05fb52dbceb4cf
-
SHA1
bef3243b7db34785dcb9d456be25fc0ed02f3932
-
SHA256
babf47d8493a17a590dfe66ba74f204a24c9e2ff878a52deabe3082766d72a79
-
SHA512
f996a26f0c6efe58fe94ad63893603d6102326fd0d4f5e304869ca776312831694ecb217ceed2a791119c0101634d2f9a563d7b15658eb0818f105a71c4d268b
-
SSDEEP
393216:P2lQQT08IesheJJkSMtSEu6dfOIdCbr2uDoqYnOuI:Pcgb9UJJ2tSMf83XYns
Behavioral task
behavioral1
Sample
Installer/Accord.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Installer/Accord.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
Installer/CapCut.exe
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
Installer/CapCut.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
Installer/Tools/Accord.3.8.0/lib/net35-unity full v3.5/Accord.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
Installer/Tools/Accord.3.8.0/lib/net35-unity full v3.5/Accord.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
Installer/Tools/Accord.3.8.0/lib/net35-unity micro v3.5/Accord.dll
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
Installer/Tools/Accord.3.8.0/lib/net35-unity micro v3.5/Accord.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
Installer/Tools/Accord.3.8.0/lib/net35-unity subset v3.5/Accord.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
Installer/Tools/Accord.3.8.0/lib/net35-unity subset v3.5/Accord.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
Installer/Tools/Accord.3.8.0/lib/net35-unity web v3.5/Accord.dll
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
Installer/Tools/Accord.3.8.0/lib/net35-unity web v3.5/Accord.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
Installer/Tools/Accord.3.8.0/lib/net35/Accord.dll
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
Installer/Tools/Accord.3.8.0/lib/net35/Accord.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
Installer/Tools/Accord.3.8.0/lib/net40/Accord.dll
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
Installer/Tools/Accord.3.8.0/lib/net40/Accord.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
Installer/Tools/Accord.3.8.0/lib/net45/Accord.dll
Resource
win7-20241010-en
Behavioral task
behavioral18
Sample
Installer/Tools/Accord.3.8.0/lib/net45/Accord.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
Installer/Tools/Accord.3.8.0/lib/net46/Accord.dll
Resource
win7-20240903-en
Behavioral task
behavioral20
Sample
Installer/Tools/Accord.3.8.0/lib/net46/Accord.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
Installer/Tools/Accord.3.8.0/lib/net462/Accord.dll
Resource
win7-20240729-en
Behavioral task
behavioral22
Sample
Installer/Tools/Accord.3.8.0/lib/net462/Accord.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral23
Sample
Installer/Tools/Accord.3.8.0/lib/netstandard1.4/Accord.dll
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
Installer/Tools/Accord.3.8.0/lib/netstandard1.4/Accord.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral25
Sample
Installer/Tools/Accord.3.8.0/lib/netstandard2.0/Accord.dll
Resource
win7-20240708-en
Behavioral task
behavioral26
Sample
Installer/Tools/Accord.3.8.0/lib/netstandard2.0/Accord.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral27
Sample
Installer/Tools/Accord.Video.3.8.0/lib/net35-unity full v3.5/Accord.Video.dll
Resource
win7-20240903-en
Behavioral task
behavioral28
Sample
Installer/Tools/Accord.Video.3.8.0/lib/net35-unity full v3.5/Accord.Video.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral29
Sample
Installer/Tools/Accord.Video.3.8.0/lib/net35-unity micro v3.5/Accord.Video.dll
Resource
win7-20241023-en
Behavioral task
behavioral30
Sample
Installer/Tools/Accord.Video.3.8.0/lib/net35-unity micro v3.5/Accord.Video.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral31
Sample
Installer/Tools/Accord.Video.3.8.0/lib/net35-unity subset v3.5/Accord.Video.dll
Resource
win7-20241010-en
Behavioral task
behavioral32
Sample
Installer/Tools/Accord.Video.3.8.0/lib/net35-unity subset v3.5/Accord.Video.dll
Resource
win10v2004-20241007-en
Malware Config
Extracted
quasar
1.4.0.0
Office
82.117.243.110:5173
edH11NGQWIdCwvLx00
-
encryption_key
aGPuRaDerdUDJPrAfXtB
-
install_name
csrss.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Framework
-
subdirectory
SubDir
Extracted
vidar
https://t.me/asg7rd
https://steamcommunity.com/profiles/76561199794498376
-
user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15 Ddg/17.6
Extracted
lumma
https://navygenerayk.store/api
https://necklacedmny.store/api
https://founpiuer.store/api
Targets
-
-
Target
Installer/Accord.dll
-
Size
128KB
-
MD5
462500956d2d63725fb60c83516cec35
-
SHA1
2d6326cb19d88bfdaa84112b6ff0259ec72d60f4
-
SHA256
d36c225a84415c01bc2a8e84096590a7206dfc3d36173e3c7b6a62a04c0a33a9
-
SHA512
10b1c3fcdd21464bb6f1aee796171237dc3f0763b1a6b8b41a2410aa264047fc8e256588a06ae141905b78e9a85414797b22ecb73c2a9fca150b81f63efdde46
-
SSDEEP
1536:+x8piUO4o++aIRYMUVptbFoSycwX6xIp4EB7zujXe4HvFIdtdUlIAq:+x8piUO5aIRtUVTFl86PEB7yFdIdY6F
Score 1/10
-
-
Target
Installer/CapCut.exe
-
Size
332KB
-
MD5
9095698e073c305cb31934f911e2f224
-
SHA1
3c3a7cf49ecc1faf01d8f85d345425a3c417361e
-
SHA256
a274bbefeca015c06188faf15493b32f3ed4b175a92fa4fdf59a0da55059f6db
-
SHA512
8470d517a74c721911b7a5b93a8513630a9cfef747ef143296bfdcb3174620ddec7d2e170afbed2621f441aaa663b46eec676c9e8065b9fde87bf15633190fb6
-
SSDEEP
6144:KurqFF99YI+Ka804ozhmKuRb5B/OalLbQg1/R:YFFXY9vrzoKud59Oahbv
-
Lumma family
-
Command and Scripting Interpreter: PowerShell
Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
Installer/Tools/Accord.3.8.0/lib/net35-unity full v3.5/Accord.dll
-
Size
148KB
-
MD5
e155917f082b3d7754937f1c8a378209
-
SHA1
f7793aa262439ab98323dd9a76988608cb3d6105
-
SHA256
4e9838f1e2d120ed2297bab01042c5d947506fbf4a96e330528cc5bcf8960da0
-
SHA512
3848a4048a9e443239064129747c9f449d149dd8400b6a76362d4fd69e84bc9baba85c2600c5adfaa5ba3cfe224d77e2166557cb4ffcdcaea822481d57658cd8
-
SSDEEP
3072:G+cdP98cPVdSvw4PDFiQezKm2sTqVJtPWdGLSJhfZETCvT4H:G+cdP98cP+4kLezKm2sgnPWoLmRZETCU
Score 1/10
-
-
Target
Installer/Tools/Accord.3.8.0/lib/net35-unity micro v3.5/Accord.dll
-
Size
148KB
-
MD5
e155917f082b3d7754937f1c8a378209
-
SHA1
f7793aa262439ab98323dd9a76988608cb3d6105
-
SHA256
4e9838f1e2d120ed2297bab01042c5d947506fbf4a96e330528cc5bcf8960da0
-
SHA512
3848a4048a9e443239064129747c9f449d149dd8400b6a76362d4fd69e84bc9baba85c2600c5adfaa5ba3cfe224d77e2166557cb4ffcdcaea822481d57658cd8
-
SSDEEP
3072:G+cdP98cPVdSvw4PDFiQezKm2sTqVJtPWdGLSJhfZETCvT4H:G+cdP98cP+4kLezKm2sgnPWoLmRZETCU
Score 1/10
-
-
Target
Installer/Tools/Accord.3.8.0/lib/net35-unity subset v3.5/Accord.dll
-
Size
148KB
-
MD5
e155917f082b3d7754937f1c8a378209
-
SHA1
f7793aa262439ab98323dd9a76988608cb3d6105
-
SHA256
4e9838f1e2d120ed2297bab01042c5d947506fbf4a96e330528cc5bcf8960da0
-
SHA512
3848a4048a9e443239064129747c9f449d149dd8400b6a76362d4fd69e84bc9baba85c2600c5adfaa5ba3cfe224d77e2166557cb4ffcdcaea822481d57658cd8
-
SSDEEP
3072:G+cdP98cPVdSvw4PDFiQezKm2sTqVJtPWdGLSJhfZETCvT4H:G+cdP98cP+4kLezKm2sgnPWoLmRZETCU
Score 1/10
-
-
Target
Installer/Tools/Accord.3.8.0/lib/net35-unity web v3.5/Accord.dll
-
Size
148KB
-
MD5
e155917f082b3d7754937f1c8a378209
-
SHA1
f7793aa262439ab98323dd9a76988608cb3d6105
-
SHA256
4e9838f1e2d120ed2297bab01042c5d947506fbf4a96e330528cc5bcf8960da0
-
SHA512
3848a4048a9e443239064129747c9f449d149dd8400b6a76362d4fd69e84bc9baba85c2600c5adfaa5ba3cfe224d77e2166557cb4ffcdcaea822481d57658cd8
-
SSDEEP
3072:G+cdP98cPVdSvw4PDFiQezKm2sTqVJtPWdGLSJhfZETCvT4H:G+cdP98cP+4kLezKm2sgnPWoLmRZETCU
Score 1/10
-
-
Target
Installer/Tools/Accord.3.8.0/lib/net35/Accord.dll
-
Size
148KB
-
MD5
e155917f082b3d7754937f1c8a378209
-
SHA1
f7793aa262439ab98323dd9a76988608cb3d6105
-
SHA256
4e9838f1e2d120ed2297bab01042c5d947506fbf4a96e330528cc5bcf8960da0
-
SHA512
3848a4048a9e443239064129747c9f449d149dd8400b6a76362d4fd69e84bc9baba85c2600c5adfaa5ba3cfe224d77e2166557cb4ffcdcaea822481d57658cd8
-
SSDEEP
3072:G+cdP98cPVdSvw4PDFiQezKm2sTqVJtPWdGLSJhfZETCvT4H:G+cdP98cP+4kLezKm2sgnPWoLmRZETCU
Score 1/10
-
-
Target
Installer/Tools/Accord.3.8.0/lib/net40/Accord.dll
-
Size
128KB
-
MD5
7973f3ff5b1d9128ca66658576560819
-
SHA1
d3bea89f8c3037a4faadf3b399d501bcc3798cd6
-
SHA256
24e35568c79531d41330439a59ef5e2cd2e55bb87e0428daef37d9aa11ab432a
-
SHA512
e283ab910f936ac852d659d18d1ee9a6829ceaf9353a14572f43efabd34e60beef5f29f937aa6ad4e146b3c875c59bd9acb10230c9543529f08b70251204d728
-
SSDEEP
3072:ozUHt2atsOWiUcHCrltiud10RrqTEBlbX4YFDiT:ozUHRtsOWv5EgEvr4o
Score 1/10
-
-
Target
Installer/Tools/Accord.3.8.0/lib/net45/Accord.dll
-
Size
128KB
-
MD5
585e55a96f52a550c6a6ec7859996b6e
-
SHA1
07f6112f3380eee1f349732b890a7757e9018fca
-
SHA256
67a1977a211dd33752c7e6fcafb1e6ab61b6f26f529b1373e54d1ca512ada858
-
SHA512
92f8b38f50c3b84fa8558b68bed62891bb508ac208a500cf18fb586e12adc37a70f3a7ee71d7a656be188b0ab3eedbd944313dcab5e7d0c06f543c98331d40dc
-
SSDEEP
1536:288phvO4o++aI12Mo4BOtbF4kDDV2LYWm2aIp4EBVJo7Je4Hjs1IdtdUCIw7:288phvO5aI12Mo4EF/JEBSJFDiIdYdm
Score 1/10
-
-
Target
Installer/Tools/Accord.3.8.0/lib/net46/Accord.dll
-
Size
128KB
-
MD5
c988f0203059a8017533d086718ae3a9
-
SHA1
861c257a172625436305d1ebf6205bae2f695d9b
-
SHA256
b8eba126ccbe1e641b062fa1a4f45d094519bd5bc6ea81a4a24d4c2e549e883f
-
SHA512
60c85cb06c60850fbe883802b52268611dea94be9cdbb9d168c7f800e51184e41243e9b0e0b4d9e31ad94160948d2590bf82e3759bc5235d722a9326829cacd1
-
SSDEEP
1536:ox8piUO4o++aIRYMUVpJbFoSycwX6xIp4EB7zuPfe4HvFIdtdUJIA5:ox8piUO5aIRtUVXFl86PEB72FdIdYGm
Score 1/10
-
-
Target
Installer/Tools/Accord.3.8.0/lib/net462/Accord.dll
-
Size
128KB
-
MD5
462500956d2d63725fb60c83516cec35
-
SHA1
2d6326cb19d88bfdaa84112b6ff0259ec72d60f4
-
SHA256
d36c225a84415c01bc2a8e84096590a7206dfc3d36173e3c7b6a62a04c0a33a9
-
SHA512
10b1c3fcdd21464bb6f1aee796171237dc3f0763b1a6b8b41a2410aa264047fc8e256588a06ae141905b78e9a85414797b22ecb73c2a9fca150b81f63efdde46
-
SSDEEP
1536:+x8piUO4o++aIRYMUVptbFoSycwX6xIp4EB7zujXe4HvFIdtdUlIAq:+x8piUO5aIRtUVTFl86PEB7yFdIdY6F
Score 1/10
-
-
Target
Installer/Tools/Accord.3.8.0/lib/netstandard1.4/Accord.dll
-
Size
119KB
-
MD5
05df8292b5608279d129259be5baaaad
-
SHA1
3d529801aac42f571e33fd8a32819b040bb8523a
-
SHA256
3b3bbe2b42ec0ca04aedd3a27eaa6e9ee24a24734ae285c2b2920ffdec94bba0
-
SHA512
6da88a00a6bb18dc64b7126135767f237911b9e6b48cede3bf9df8109a46891c14c377c2a4d9ed8e0c37548f1745d0c62927f354d364060cb522611ffca49f84
-
SSDEEP
3072:yo7/5B5HeE3U5Xfl9rHXJYwMAT+aYvvHAR:ygBB5HeEE599rZYwJ+1ng
Score 1/10
-
-
Target
Installer/Tools/Accord.3.8.0/lib/netstandard2.0/Accord.dll
-
Size
112KB
-
MD5
ebea077a998d01670625ed58a8ed63fe
-
SHA1
a841053293b79ad6268459f9c54f2daaf99bc269
-
SHA256
6fc7ed6a7e60a666ded3284c1c5558624c2a9f7300cf8dcf76f698df5aad40f2
-
SHA512
2a40ee02bb39c422ce5b617823f7fc2eb763cdb91f7f287aa611d5ce2e0954f6cae27143ca834f5c5a64ca012f1ea9d2f2fb133c43ab176a445618f31eb3c913
-
SSDEEP
3072:m5S5mn/wwTmzEfFGaBr+0fb552z1dlLBom:m5S5mn/wweEfM4tfb5QPlBo
Score 1/10
-
-
Target
Installer/Tools/Accord.Video.3.8.0/lib/net35-unity full v3.5/Accord.Video.dll
-
Size
40KB
-
MD5
b7041a2701653f7c3f6f781dd8ab6d1a
-
SHA1
7ae8f161f8e472ee2fe9815f2003832dd02e5c27
-
SHA256
40139b60e4f0e397d955a87a658cee8d6be061eb8c45abba0f229d000a9a9f53
-
SHA512
c893e93bfd391bd93b34d1c539dfb93e79d54417a2cf75388b6b85c424118714a4fe36e3c951f7e4a265f3ae5a196fdf6d7d43ff675ed2fe1930b653cfd9c265
-
SSDEEP
768:KFhvlTCmwfsjsCNPKbKfv1p6PXRoPNE+:G96EtTs+
Score 1/10
-
-
Target
Installer/Tools/Accord.Video.3.8.0/lib/net35-unity micro v3.5/Accord.Video.dll
-
Size
40KB
-
MD5
b7041a2701653f7c3f6f781dd8ab6d1a
-
SHA1
7ae8f161f8e472ee2fe9815f2003832dd02e5c27
-
SHA256
40139b60e4f0e397d955a87a658cee8d6be061eb8c45abba0f229d000a9a9f53
-
SHA512
c893e93bfd391bd93b34d1c539dfb93e79d54417a2cf75388b6b85c424118714a4fe36e3c951f7e4a265f3ae5a196fdf6d7d43ff675ed2fe1930b653cfd9c265
-
SSDEEP
768:KFhvlTCmwfsjsCNPKbKfv1p6PXRoPNE+:G96EtTs+
Score 1/10
-
-
Target
Installer/Tools/Accord.Video.3.8.0/lib/net35-unity subset v3.5/Accord.Video.dll
-
Size
40KB
-
MD5
b7041a2701653f7c3f6f781dd8ab6d1a
-
SHA1
7ae8f161f8e472ee2fe9815f2003832dd02e5c27
-
SHA256
40139b60e4f0e397d955a87a658cee8d6be061eb8c45abba0f229d000a9a9f53
-
SHA512
c893e93bfd391bd93b34d1c539dfb93e79d54417a2cf75388b6b85c424118714a4fe36e3c951f7e4a265f3ae5a196fdf6d7d43ff675ed2fe1930b653cfd9c265
-
SSDEEP
768:KFhvlTCmwfsjsCNPKbKfv1p6PXRoPNE+:G96EtTs+
Score 1/10