Overview (overview): score 7/10
Static (static): score 3/10
setup.exe (windows7-x64): score 4/10
setup.exe (windows10-2004-x64): score 4/10
$PLUGINSDI...ns.dll (windows7-x64): score 3/10
$PLUGINSDI...ns.dll (windows10-2004-x64): score 3/10
$PLUGINSDI...em.dll (windows7-x64): score 3/10
$PLUGINSDI...em.dll (windows10-2004-x64): score 3/10
$PLUGINSDI...al.ini (windows7-x64): score 1/10
$PLUGINSDI...al.ini (windows10-2004-x64): score 1/10
$PLUGINSDI...rd.bmp (windows7-x64): score 3/10
$PLUGINSDI...rd.bmp (windows10-2004-x64): score 7/10
$PLUGINSDI...dl.dll (windows7-x64): score 3/10
$PLUGINSDI...dl.dll (windows10-2004-x64): score 3/10
Etc/D2Codi...24.ttf (windows7-x64): score 4/10
Etc/D2Codi...24.ttf (windows10-2004-x64): score 7/10
Etc/UI.bin (windows7-x64): score 3/10
Etc/UI.bin (windows10-2004-x64): score 3/10
Etc/zrescue.wav (windows7-x64): score 1/10
Etc/zrescue.wav (windows10-2004-x64): score 6/10
Info/History.txt (windows7-x64): score 1/10
Info/History.txt (windows10-2004-x64): score 1/10
Info/설명서.txt (windows7-x64): score 1/10
Info/설명서.txt (windows10-2004-x64): score 1/10
Library/Ba...et.dll (windows7-x64): score 3/10
Library/Ba...et.dll (windows10-2004-x64): score 3/10
Library/Co...Ex.dll (windows7-x64): score 1/10
Library/Co...Ex.dll (windows10-2004-x64): score 1/10
Library/Ht...ck.dll (windows7-x64): score 1/10
Library/Ht...ck.dll (windows10-2004-x64): score 1/10
Library/Ma...ro.dll (windows7-x64): score 1/10
Library/Ma...ro.dll (windows10-2004-x64): score 1/10
Library/Ma...ep.dll (windows7-x64): score 1/10
Library/Ma...ep.dll (windows10-2004-x64): score 1/10
General
-
Target
setup.exe
-
Size
25.5MB
-
Sample
241109-zpwt9svmbk
-
MD5
c35691ae0b1900a0a0c232e8215ab3c4
-
SHA1
8b767bb31a766fa3e82880308d0e92cdf91e89aa
-
SHA256
c1145161cd1302b052bb437ba19ae5cbb5dc01e1ab0913f1bf88579f7d93d04e
-
SHA512
b52fabb1d6036642b4cc85cf90ee5f5554bdf4c495edae7d0c7d62972b85cb41059b03b2e78c2bc26a23ca6ea651f8f97c24d55125c2ebbf0e6a04a8e4e5d0f1
-
SSDEEP
786432:rbIckqdS7qgCQQgBLTkUoy/i7J3ku6nG+fb1SEZV:rbDkIIqgCQZdkUoy/nR1Sm
Static task
static1
Behavioral task
behavioral1
Sample
setup.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
setup.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20241010-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/System.dll
Resource
win7-20241023-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/ioSpecial.ini
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/ioSpecial.ini
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/modern-wizard.bmp
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/modern-wizard.bmp
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/nsisdl.dll
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/nsisdl.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
Etc/D2CodingBold-Ver1.3.2-20180524.ttf
Resource
win7-20241010-en
Behavioral task
behavioral14
Sample
Etc/D2CodingBold-Ver1.3.2-20180524.ttf
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
Etc/UI.bin
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
Etc/UI.bin
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
Etc/zrescue.wav
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
Etc/zrescue.wav
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
Info/History.txt
Resource
win7-20241023-en
Behavioral task
behavioral20
Sample
Info/History.txt
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
Info/설명서.txt
Resource
win7-20240903-en
Behavioral task
behavioral22
Sample
Info/설명서.txt
Resource
win10v2004-20241007-en
Behavioral task
behavioral23
Sample
Library/Battle.net.dll
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
Library/Battle.net.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral25
Sample
Library/ControlzEx.dll
Resource
win7-20240903-en
Behavioral task
behavioral26
Sample
Library/ControlzEx.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral27
Sample
Library/HtmlAgilityPack.dll
Resource
win7-20241010-en
Behavioral task
behavioral28
Sample
Library/HtmlAgilityPack.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral29
Sample
Library/MahApps.Metro.dll
Resource
win7-20240903-en
Behavioral task
behavioral30
Sample
Library/MahApps.Metro.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral31
Sample
Library/MarkdownDeep.dll
Resource
win7-20240708-en
Behavioral task
behavioral32
Sample
Library/MarkdownDeep.dll
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
setup.exe
-
Size
25.5MB
-
MD5
c35691ae0b1900a0a0c232e8215ab3c4
-
SHA1
8b767bb31a766fa3e82880308d0e92cdf91e89aa
-
SHA256
c1145161cd1302b052bb437ba19ae5cbb5dc01e1ab0913f1bf88579f7d93d04e
-
SHA512
b52fabb1d6036642b4cc85cf90ee5f5554bdf4c495edae7d0c7d62972b85cb41059b03b2e78c2bc26a23ca6ea651f8f97c24d55125c2ebbf0e6a04a8e4e5d0f1
-
SSDEEP
786432:rbIckqdS7qgCQQgBLTkUoy/i7J3ku6nG+fb1SEZV:rbDkIIqgCQZdkUoy/nR1Sm
Score: 4/10
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
15KB
-
MD5
90bb49f3fd416f912a637526914bd044
-
SHA1
626051dd6c759a5b847664549736c37aba9ede5a
-
SHA256
1f8e8f336df6773d6b63bd5a7efbfc889d08888fec55da402eaf93cb950aa283
-
SHA512
5156923f51be2057f7003577b46732f6b0b0bb55402f49df3747085b9802b3a2492cd5f087ef988db5a69f241c10163ada0e649b149da8a198b7fc2cc83334e5
-
SSDEEP
384:E5C43tPegZ3eBaRwCPOYY7nNYXCA/Yosa:EQTgZ3eBTCmrnNAE
Score: 3/10
-
-
Target
$PLUGINSDIR/System.dll
-
Size
12KB
-
MD5
6e55a6e7c3fdbd244042eb15cb1ec739
-
SHA1
070ea80e2192abc42f358d47b276990b5fa285a9
-
SHA256
acf90ab6f4edc687e94aaf604d05e16e6cfb5e35873783b50c66f307a35c6506
-
SHA512
2d504b74da38edc967e3859733a2a9cacd885db82f0ca69bfb66872e882707314c54238344d45945dc98bae85772aceef71a741787922d640627d3c8ae8f1c35
-
SSDEEP
192:MenY0qWTlt70IAj/lQ0sEWc/wtYbBH2aDybC7y+XBaIwL:M8+Qlt70Fj/lQRY/9VjjgL
Score: 3/10
-
-
Target
$PLUGINSDIR/ioSpecial.ini
-
Size
211B
-
MD5
e2d5070bc28db1ac745613689ff86067
-
SHA1
282e080b4cf847174c5c11e4f9157b8c338ecb19
-
SHA256
d95aed234f932a1c48a2b1b0d98c60ca31f962310c03158e2884ab4ddd3ea1e0
-
SHA512
a50ca2014869629135b54e848f03cb4983ad8029cd811300d02b0fc54de0436185f418fea4d3db888eb0f3170e33a59d486aa885f024ab29e630e9bc0ae1a2de
Score: 1/10
-
-
Target
$PLUGINSDIR/modern-wizard.bmp
-
Size
25KB
-
MD5
cbe40fd2b1ec96daedc65da172d90022
-
SHA1
366c216220aa4329dff6c485fd0e9b0f4f0a7944
-
SHA256
3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2
-
SHA512
62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63
-
SSDEEP
24:Qwika6aSaaDaVYoG6abuJsnZs5GhI11BayNXPcDrSsUWcSphsWwlEWqCl6aHAX2x:Qoi47a5G8SddzKFIcsOz3Xz
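Score: 7/10
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing. The target is a bitmap image, so this behaviour was presumably produced by the application the sandbox used to open the file rather than by the file itself; the per-task scores in the task list are 3 for windows7-x64 and 7 for windows10-2004-x64, so the finding appears only on the Windows 10 task.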
-
-
-
Target
$PLUGINSDIR/nsisdl.dll
-
Size
15KB
-
MD5
c635d0a11ae1c122beaac72b5024b425
-
SHA1
a506e11b968087c438e0c0d82ef4dadcc5aa4e15
-
SHA256
9343d9eea17df462ae2431b27253bcb8ce734a4992ea35cca9178cea3939c227
-
SHA512
0a501cfc2a5a4a830c3f415ff09d41138740c82da4518f8c3efdc3d33cef7796e240a68d3ae4a001aae12e528e6d8d0c5bad904786a8b33cc19dbd8e7610c631
-
SSDEEP
384:8py18oahashajPmIYInUJggBOZgAHhUKiAb:8py18oafmeggBOCAHpiA
Score: 3/10
-
-
Target
Etc/D2CodingBold-Ver1.3.2-20180524.ttf
-
Size
4.2MB
-
MD5
7169e4b32f2ed602023bd9e7692e7999
-
SHA1
4c241b9d1a7ce1be4558fe76bfa945a1874a5458
-
SHA256
dde75df435f061eaa0f6db84b1c30866aaa442d7038aaa62ea3c2be92f15d87d
-
SHA512
ea2cfda175e3682737ce4d7af63b159617e6b9c64f87b2c3d68f2e2181d16aeadb04778016973bf07fb9ef242fb473c83a2444d62cba2964af7a0e054757e78a
-
SSDEEP
98304:cvbEWXJgBVGNnzTt1i+cEvwdANiwgu+WzR1UwV:SXJgB2zC+cEvwdAgwgfWzR1UwV
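Score: 7/10
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing. The target is a TrueType font, so this behaviour was presumably produced by the application the sandbox used to open the file rather than by the file itself; the per-task scores in the task list are 4 for windows7-x64 and 7 for windows10-2004-x64, so the highest score comes from the Windows 10 task only.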
-
-
-
Target
Etc/UI.bin
-
Size
351KB
-
MD5
f5b5cc41c2d52d41aae707ba3ba7b101
-
SHA1
9c2f894857bf59f9dfe84ee9ef6af45743da3c84
-
SHA256
74773842a5e11947838c6dc63b5ee7e2e5284a7567aa8cd73dcad133474722cd
-
SHA512
0f27722540be8d0384cf83c95f7ff23deff97b28e544b8f9116982ef2074e923963a0b0eca78427158780ae53359285e8d02de68af3b52f55947ffaab12580bd
-
SSDEEP
6144:r1C4NFYwy6Hau2KD53NHg3CpbBzmXh1BkxnjHb4M4L:rQmFWr1KD53NHQsbBzA1Bkdn4M4L
Score: 3/10
-
-
Target
Etc/zrescue.wav
-
Size
355KB
-
MD5
5dd1185776f1b3e8eecd187aca6e7cab
-
SHA1
84b0781aac17bc5fa9117cfe8560dab716e1326e
-
SHA256
0010672e317cac148a3a3162642849b1eeb3ec020ac88982e8af6406e5f39b61
-
SHA512
6ad2cd004e84fc7eb4b974619b82b1b56c3c61a84c71d06f756f00c8de482cd8bbfef3da3afb6a2a766e616324e26e9dfde6409d5fb36eb2f55b4aa349b4e90e
-
SSDEEP
6144:9/ZLCtABjXYHQUJJSoCAac49pZx3MPd3HhV9Tb6oZ4fEotC:dZOaBY3cO1O30x/6oZ4Nk
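Score: 6/10
Drops desktop.ini file(s)
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive. The target is a WAV audio file, so both behaviours were presumably produced by the application the sandbox used to open the file rather than by the file itself; the per-task scores in the task list are 1 for windows7-x64 and 6 for windows10-2004-x64, so the findings appear only on the Windows 10 task.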
-
-
-
Target
Info/History.txt
-
Size
11KB
-
MD5
ff581f7a41e391121e214a548c7a132f
-
SHA1
575677442f75c82384fbd212ca2bcce99acb4791
-
SHA256
03e087600cee89c907d06c5177657cedeafd35dd128089a14d459c852a51c315
-
SHA512
c6917b420550f491001d285d6012698ad0514d67c5256e47510f845ddc206d83a0d290b6104d39fc7557bf033eda868256a3a52ff9f57b4c330b56a8c4eeb956
-
SSDEEP
192:9PSuHFMVZ1A9VgVhbgrVa12uVzVaBUL+sVwkU9stso2K3ZFbrVv5SS3radDf8jdd:9auHWZ23khgRa1TZ95Uatso2OFbZBSS3
Score: 1/10
-
-
Target
Info/설명서.txt
-
Size
6KB
-
MD5
465babd0f9c04655e627da2029d77e45
-
SHA1
eff6941743153ee0d2fa7774a874d7e20396bd9b
-
SHA256
be77ea18e39257dd3a9fdaf2cc1c9b465f348bbb7eda5c64a3714ff6ef914495
-
SHA512
a5713975cab9dfefececfa51b901d9c3a03219bd6dc71c414a06a93c725ac7990c71507d0dc72452f133ae967329a835ce22803d1230c335df82773a076575a2
-
SSDEEP
192:ER3Ta4UwuAAlMAjP76TQwKUP9JHKHV2hc83J92GRLHARlRVaVeQD5p:MZxuNMAjDsQwlGHyc83HdHARjVeXp
Score: 1/10
-
-
Target
Library/Battle.net.dll
-
Size
184KB
-
MD5
9ea094dddde9dd5e4fe72164cc732975
-
SHA1
1c8a3441cfb877e9bfbf6482028b3296ca280f0b
-
SHA256
a0709826feb10dc397ffcdb172617238e77ad645c543b3a1e4821d00266caf6b
-
SHA512
e70b85a890a93639cdd47f7628fb2adeb2de1d3b1e6c3d8695fa9a24f90b0bfdaad9c2a676f42f7a092783046f62ab7a7231cfa4bbd23fdd887d81080cd390c9
-
SSDEEP
3072:1e/ApUxd6NtdWYhXOwPHV4qafP9179kN+DU2NEKcXIXZGciH2h1fSmu:Yp4WGOwPHqn91yQDBcXIXZzOeI
Score: 3/10
-
-
Target
Library/ControlzEx.dll
-
Size
244KB
-
MD5
37dbeb3e804d61cefed67d1a60dde873
-
SHA1
31fb981cc429cd24066363160e49c85fd74df8db
-
SHA256
f15d89d9720eedb94c09b1db32ca6a514e9eff2906da91396ffd7f877714911e
-
SHA512
7279e2354a9e1a583098bc9f6ff9ec05bb2b526ca151265d4c8c2bb42edd15b3d157425bc76e01b9f0e03cb1c87cb46bc94f9a1f47dc2a79daee784d6122f3fa
-
SSDEEP
6144:M6bRKhjsomR8PpY82VG7gP2rxp+7vVNviPF1WANK+5/:M6Yye9
Score: 1/10
-
-
Target
Library/HtmlAgilityPack.dll
-
Size
162KB
-
MD5
b5b70052ac65657e11db2dd56de13e06
-
SHA1
26fb020efadc6247396d4d405b4d2087ff9c2d81
-
SHA256
ce8e4e6313b4742983376dce0cf363c2db2e14ba216e9c106830a0681590899c
-
SHA512
c546d4ffdddabf2e3acbed59546677e2592c964b2060d059b87529f7f82146e51be9dac6987679bf9f4a25f80335ddd982968581cc9c5d578bc9fcf145ba35f9
-
SSDEEP
3072:3IeiUVBmkZdZjmPMps0DWV8+QBp+eYQFSZetwNp5:zVokZdZjmPMpsZ5QBpVLtwP
Score: 1/10
-
-
Target
Library/MahApps.Metro.dll
-
Size
3.4MB
-
MD5
e074142bfc0ab58defddbf7e23bb47ac
-
SHA1
6ac461b28bd5d7aad87c396939da8700363473c4
-
SHA256
8c60718d85a5b8f7a9372b3a252638ed77a41b71796603199cd24e2f4012fdb9
-
SHA512
73546c282b2a5701cb50a56a305c454a4ec5e7d5f29673d5b6c696f5924d832805f212a8bac4408a4724d975abd3ef8fed0127620070bebd0c5f946856526915
-
SSDEEP
24576:knt6jn5Gq47qDL2PtBthkzRU7R2/8QcXtAw:ktg4Lf2RU7R2/8Qcn
Score: 1/10
-
-
Target
Library/MarkdownDeep.dll
-
Size
50KB
-
MD5
8cbbd216e99b1d4d9304231235ff8c59
-
SHA1
cfe5c3a8bd9f2a3b814e7dff271cd3620a04b299
-
SHA256
c44c392d40a05c5d1356b7f90171318bc03c766f15de97e08e7f115d10159c87
-
SHA512
c7e38e07270cfb4dc66dd839d696d51cb3b4241959ad63ec391dd74ecd2c9437e8c9b4aa0f3f4a905bb3d906660597e4f142d3f34bb15e1a228b6341fa9449d7
-
SSDEEP
1536:2hCrJvJ7UywSP3FbaXWPfpUmZknSs5eR:5UC3FuXWPfpTknSnR
Score: 1/10