Resubmissions

13/11/2024, 08:47

241113-kp7t7syfmk 9

13/11/2024, 08:30

241113-kearqaydrq 9

General

  • Target

    MAGIX VEGAS Pro v22.0 patch.exe

  • Size

    4.8MB

  • Sample

    241113-kp7t7syfmk

  • MD5

    ff4bc7a206b856502dd647e94dec5c8f

  • SHA1

    4a3d0e4fb6fb2a7ac633a288a0d2ce8f14286cda

  • SHA256

    b3688db852d9a57834ef758cd54a9507fad2de1854a2faed23bda53411000383

  • SHA512

    f93170b9fe1b06e9c48a255bede5a1150e8125d09d6c5d1fe8438525b40b648f8bcb86a79d3453d6f45f4392cc946214088ac3aa24ee298ff36579f22da1c1cc

  • SSDEEP

    98304:8L1CNqRBQsRE+Mv2RJlmQJu6A3ty6gVLPysH:81H42RJs+ODzY

Malware Config

Targets

    • Target

      MAGIX VEGAS Pro v22.0 patch.exe

    • Detected Nirsoft tools

      Free utilities, often used by attackers, which can steal passwords, product keys, etc.

    • Event Triggered Execution: Image File Execution Options Injection

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks