General
Target: Microsoft.HEVCVideoExtensions.Installer.x64.msi
Size: 3.5MB
Sample: 241030-tpy2qsylak
MD5: dcafc3c2c272a565a735a5d929a8440c
SHA1: 6b6bb8b216bac3abbe2195a6c0b86c8247b7e6b5
SHA256: ed4fcb8d67e0577fdf22fabe95c9c3aa4910f4ec8ceb7d62321ed66abbf2b88b
SHA512: 33ed1b7680e8480f04dfe312991527b83181d96cbf0e5e2e267007b8c72b8512eca07847f744cc565d5cccc61e1eab5d007c0b801efece4fcc7b1eb3336328d0
SSDEEP: 49152:gTsAgMSw+OwjEk1Y1J4KuV9VD3EtgDdzdKLSXPgadbn28cTKf9KZZlYs:gTd+Ooo4Ko9lpA+fgkb1iWKJF
Static task: static1
Behavioral task: behavioral1
Sample: Microsoft.HEVCVideoExtensions.Installer.x64.msi
Resource: win10ltsc2021-20241023-en
Malware Config
Targets
-
-
Target
Microsoft.HEVCVideoExtensions.Installer.x64.msi
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-