bfaa8fc5c1e0f4bd2555dd2d0686c90ef635cf3e909bac5776564474f1f459cf

Sharing

Copy URL

Twitter E-mail

General

Target

WutheringWaves_overseas_setup_1.6.4.0.exe
Size

93.4MB
Sample

241117-nr2bzstlbl
MD5

38c37084833ab6bf9ef9efee8efd56d0
SHA1

2ebc95b94a6c8186a52440dbd72a227cf183ae4e
SHA256

bfaa8fc5c1e0f4bd2555dd2d0686c90ef635cf3e909bac5776564474f1f459cf
SHA512

6a1d2feb5cb25e3a16b0235df06b10e9fb5a79375d11de7db66a7774c657a5103be94f2a1fcab9e6ebcc21213b7b3ded9391dd5323226d5e0c26f6312b512161
SSDEEP

1572864:YA2UCKzJYfDaeltyO9DJdmgxsmJ87lQ8rGwGjomUjpj5CJrWCga2/nme829YcQu:YaCCSme6ORJd6l12jomU95Cxglue8C

Score

6^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  WutheringWaves_overseas_setup_1.6.4.0.exe
- Size
  
  93.4MB
- MD5
  
  38c37084833ab6bf9ef9efee8efd56d0
- SHA1
  
  2ebc95b94a6c8186a52440dbd72a227cf183ae4e
- SHA256
  
  bfaa8fc5c1e0f4bd2555dd2d0686c90ef635cf3e909bac5776564474f1f459cf
- SHA512
  
  6a1d2feb5cb25e3a16b0235df06b10e9fb5a79375d11de7db66a7774c657a5103be94f2a1fcab9e6ebcc21213b7b3ded9391dd5323226d5e0c26f6312b512161
- SSDEEP
  
  1572864:YA2UCKzJYfDaeltyO9DJdmgxsmJ87lQ8rGwGjomUjpj5CJrWCga2/nme829YcQu:YaCCSme6ORJd6l12jomU95Cxglue8C
Score

6^/10

defense_evasion discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1
- Target
  
  $PLUGINSDIR/KRPlugin_aki.dll
- Size
  
  16.4MB
- MD5
  
  6d9b3c70056c3af44c29a2f021d093a9
- SHA1
  
  b52445c4dd67bb7cc6857be1cf1f1d5391d31dc5
- SHA256
  
  e42222fee2388cbc4814ff5b4d05e6a2f1a602a06352409a1f62cc718526bb2d
- SHA512
  
  cfaed8b105a8d2eac8bf8c99787c9cc48f9fae401530dfae266f6cb1e2660e9ffcaeaab5dec0292a0136d01c90eaaf81ffa235dbe73f931fb484e3e3fe8008cc
- SSDEEP
  
  196608:nD/Der6maEN4/vD6BvtBIHI8BaQsLtq/isoWej1cFvPI0qiLM4/HFdI:nDq3aV2Bv/Io8B7oWW+K0FLfHg
Score

3^/10

discovery
behavioral2
- Target
  
  $PLUGINSDIR/Qt5Core.dll
- Size
  
  4.9MB
- MD5
  
  1849ef00f2b0d4bb8c475df4d714b8ff
- SHA1
  
  10bd730411fe8c6c3fa75994763c542591fbdd72
- SHA256
  
  fa6c28d6fc6e319f9c6348541cf8803ee5d32e6afccb666b3c67a54c50c81ba3
- SHA512
  
  c41794646549b5d7c22ee0cbdcff78450476f965bbf6cb83d07d97a2e23c5c2085366deaad62e37e0cc3dc072ac9e15bf40b39cf20e22a0980dfcae318f35136
- SSDEEP
  
  98304:D/cPFLQEJuMEaJsv6tWKFdu9C9Ed74Gx80MEcUsk80MEcUsk80ycUsk80M6Ou:DsFJsv6tWKFdu9C9y7g
Score

3^/10

discovery
behavioral3
- Target
  
  $PLUGINSDIR/Qt5Gui.dll
- Size
  
  5.2MB
- MD5
  
  0906103e25f7349766fc6025c491aa5a
- SHA1
  
  350589ec1f12ba5f65afc263c10243e10a362287
- SHA256
  
  ba869785c14c4ace0924c123295a503a59cf90cc4da68e0c61c47187b3754fe6
- SHA512
  
  ab28b7c562a342c8cbc1dad5290c2c9d2e0678de871f8ae71163fdc6bd7458084481f84baeff3349f9f79c5f07fa3e20cea4553b163fcbec75709ddf599b808b
- SSDEEP
  
  49152:QxxOt5RYfb/yCBXDCiYERf8ogtACsw5FvH3CjsE7d9oDCCGCdBEtq01zN+p6G6n7:TdEHBXWiYERf9gtACTv+7d9oDCCGQpQ
Score

3^/10

discovery
behavioral4
- Target
  
  $PLUGINSDIR/Qt5Network.dll
- Size
  
  1.0MB
- MD5
  
  11c016d03aefc9e124828cb7cd775cf3
- SHA1
  
  cfdcf0bf5834e507cf87c7e283d14a7c89aa2628
- SHA256
  
  10fabe35ca0b0b9c35c2f618c801fb999bde09572a7fa10415b2b3f6b6470a7d
- SHA512
  
  87cc26fee8033ce638828fb773f62704f48a20c042faf70c9f97e9f1d76a09e6060c818ad2d4cd6cccaf4464fb23e9bcfc77d53a6f24415aa0d83455260ce36d
- SSDEEP
  
  24576:rC99Z7u86aKFihx3g1J6wr/zv+p6FhvWFCS4XaQli:v86aKYNaGqhecXN0
Score

3^/10

discovery
behavioral5
- Target
  
  $PLUGINSDIR/Qt5Svg.dll
- Size
  
  273KB
- MD5
  
  c7cf7bb86753ea779b0aaf9cd92a0433
- SHA1
  
  7c336c2c16e4c1956c7d7b7c209f8e954f336fbc
- SHA256
  
  4e5e73ae36d79192dc04ebaf1d08ac5afcb77a825af6d425ed5431845605f8a8
- SHA512
  
  cb94e6dbff446640376960d0eba67a3cb39a2804d6cf8eb760b752a15ca6a55d7f13360500a257e0a45d84db81d60a4228c24df04bdd3d91d9347493206d0ab1
- SSDEEP
  
  6144:sgc+DBosZOrod1j9vZQdy8DvBojojRsTztYQ2rbvk3JVMlfMmu:swoSGO1Efy
Score

3^/10

discovery
behavioral6
- Target
  
  $PLUGINSDIR/Qt5Widgets.dll
- Size
  
  4.4MB
- MD5
  
  07b30ed72326c030aae212224034bf28
- SHA1
  
  13283d6bd5e953a298ea2dd095bedb239dcd7961
- SHA256
  
  fae1cbde9e10955e8b0ff414e64020be20bf9d1d62e7c583b4510b60f363faf0
- SHA512
  
  228bf5d5adac1e6fb8eb4cdc75d60f44d1c81c2e5f44d1f04bb3929a06fc2ebbe33bc634a90d593d5892f75121d96a680fd988cb0b462bed82db7183c936fbf4
- SSDEEP
  
  98304:QvFOYikKmlkpxE5G2qWIWhZIsC6C0DH2DEijycRoe+KbD/Mb7C8I+b2fGA4MgHQk:ZSZpcRjgVb6Y
Score

3^/10

discovery
behavioral7
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10

discovery
behavioral8
- Target
  
  $PLUGINSDIR/concrt140.dll
- Size
  
  244KB
- MD5
  
  35628d71cf20d4f8aafb0aba8df14b70
- SHA1
  
  f48307aa9c2e300c38bd06c1780ac663c67045e2
- SHA256
  
  b2c8a0fbcd4c2eb9bc1aab03f8fdb2d72d78573a54f3e83d44c95246c4f2d168
- SHA512
  
  f69c6dae3ff3328c83ed6a03b31da7207f845ae463a9b20b47535ea5ef31041ce544a47f0ce339c016a02bc16320046a4bc0d82f1ddabaa6008fadfdbe5f4ab7
- SSDEEP
  
  6144:aLh9nrxRw13UyU2G8g1QYYZTDt3n2x+Bdv5zsSiBsTYrPlUEYD/QzkRWAFcOv12H:cInTDtXF15zsSiyZ/0OkzT
Score

3^/10

discovery
behavioral9
- Target
  
  $PLUGINSDIR/iconengines/qsvgicon.dll
- Size
  
  38KB
- MD5
  
  eac65f03e9f9df34f8438162d9ad377a
- SHA1
  
  8bf9c07832614ade1f297ab49c646b01bc89eb81
- SHA256
  
  0537ce5368db4601239b5401d79f294366f7b3a9ee434d3a8d824f825dccd678
- SHA512
  
  c0f288fa833b1e2c9832738ab363d1e2af2e376089aa91036cc0db51f7dddb8edada79e8ac1bec45263479807a828a2a17cc63a6b41d132c7aaabc94cd5a80e5
- SSDEEP
  
  768:lE7X1LJGhKSkvyOOvVJzcdAsBoQpE8mtAfJkbo66N266Gg:+TkK78VJodAsBomE8EAfJeoL6Gg
Score

3^/10

discovery
behavioral10
- Target
  
  $PLUGINSDIR/imageformats/qgif.dll
- Size
  
  35KB
- MD5
  
  e070dbf1a9253bde7910e040dfd5d4bc
- SHA1
  
  43f396528d643bd2c9fd8e1b63c4151bbb23c980
- SHA256
  
  7ac66b0c813585b7cd3645ad3bcab0b225006cee9076b05a21cb6b8db176462d
- SHA512
  
  317af40137f8f1d475349a926067bfb6b776c0e26352e164d6cf1fa95293b865ca6e07cf3cb305eff122c1033cd3cd7e2931b8c0083424ebc91be111d6b89a8d
- SSDEEP
  
  768:HSkyMP9EKMNatQl74W0LLc2G864D+9uMUo+ua8NcqUfJkboekNN266T:HSnh4i4DLg2zD+9uM3+uaGfUfJeoZ6T
Score

3^/10

discovery
behavioral11
- Target
  
  $PLUGINSDIR/imageformats/qicns.dll
- Size
  
  43KB
- MD5
  
  d617d449bff841e9e56ae5d66733c1f0
- SHA1
  
  57f9104c906d88b5193475286b9a1e9d55cd3fe1
- SHA256
  
  3587d149b774835aaebf9122945d432cb97a01f923c2bdf45c8ddf7db46fde6f
- SHA512
  
  1b4f7be9b650aa5658dde24da392262055b867525f8a2e61a2656c2617651f29dc5b61dd41f57ba84be030616d2060185f4790c7dd4a29d07b1e62af16b7f565
- SSDEEP
  
  768:ufWnXICvDmkwWSFmq3ZWCFsE//yuNLozJBOLfJkboetN266R:ufSVvKk+FmhE//yuOzJBOLfJeo86R
Score

3^/10

discovery
behavioral12
- Target
  
  $PLUGINSDIR/imageformats/qico.dll
- Size
  
  35KB
- MD5
  
  77b5eee567d88078024e3b535d6196f1
- SHA1
  
  db155287e3a3fcff2d280b5a4aa555784c2bea91
- SHA256
  
  ae2d373da197c94fd6aff5b56baf3df754722926af4f71279688ce563fe6ef31
- SHA512
  
  811b1654a0b17eada09e37d4d29a3297d5aaf9f2eae1f3cf48cb6b7c5d36f28450ca80084aec94765bee0b02c03854c3e489327911de9d96f8189a6e92c6648c
- SSDEEP
  
  768:RianaRH+EpYy3kVCpwnNcToT5uiLsffJkboQDN266W:Aan6+EpJoCpwnNcsT5uQsffJeoM6W
Score

3^/10

discovery
behavioral13
- Target
  
  $PLUGINSDIR/imageformats/qjpeg.dll
- Size
  
  383KB
- MD5
  
  1f8c4a04573e26286ee2fafdf03f8f85
- SHA1
  
  b3d3ed2615d63ea26ed035ad191164e0297f088f
- SHA256
  
  18706a0bff940116731de4a55d8312c054771271c49fe47f77e07b0d73529053
- SHA512
  
  699c66b862675ef4e519e962bc8ffb87536fe81f5870f91f4179d9dd34c222e9107f92fc3e6138a8ed005293f90fb993144f4eaf9ab1518072718b730d1dd91f
- SSDEEP
  
  6144:VaIxBW7sYE9DiTPSE7kBRVN9YDsLJgcBsFQ/no/W+eZ3873GH3AGYgK:IIG70U7kBRlBoQ/D0t
Score

3^/10

discovery
behavioral14
- Target
  
  $PLUGINSDIR/imageformats/qsvg.dll
- Size
  
  30KB
- MD5
  
  7ba0979da56479bd964810e8ce794e9e
- SHA1
  
  68465868b7f9e944c6d5c57e4bc1d9383e234a74
- SHA256
  
  099eef1d161e9c4bb957d73678d471cc276337233a8e715e181a352760346701
- SHA512
  
  31edacc55c659571b473ac41041bd2779fcb36576882f9250790a7a5419cd64271560f5bf9039cb49ef621e970b2db028cca653ac8e83696e5b7822f6d287400
- SSDEEP
  
  768:MV59Uj2SDRC0xf6s6eD+6CzTJE9AfJkboTwN2669:M/kRC0d+eD+6CzdE9AfJeoq69
Score

3^/10

discovery
behavioral15
- Target
  
  $PLUGINSDIR/libcrypto-1_1.dll
- Size
  
  2.4MB
- MD5
  
  e879fa16f3746a14cd46dbc514452eea
- SHA1
  
  ba9559dca54da672a81cfe711004b25259fe8cf4
- SHA256
  
  e8a549275b205df98c33d76c47d2476ea57d14ed476d759fc921357a05ab740c
- SHA512
  
  274605fc33e77d6e891f070e09a00d65bea4aebd28506d3d4b036cf4436ab29a29fce887f0091080027529f7848b84625fffeb13b7e32d3c5472995da16a6a97
- SSDEEP
  
  49152:yOPnkpFc0CvHTStvQRR8uh1CPwDv3uFfJ/stT:yOPCeSWRR821CPwDv3uFfJ
Score

3^/10

discovery
behavioral16
- Target
  
  $PLUGINSDIR/libcrypto-3.dll
- Size
  
  3.5MB
- MD5
  
  3b4dce9348385fbb3dee25e3e0db7efb
- SHA1
  
  f760a89a8bbeff22d3a837ee50089a616c9e247d
- SHA256
  
  b99f87138165561775b29283879722333082c5f12f4716ee423da880aefc9fb9
- SHA512
  
  dac1a728dd9388120b05ec79bcc6005a1a50f28a4051500acca24217e9efccec8529e377537d6bc5f6cc9a87a1aa3e5ce7206a04b5283848499f5f46eb8ca800
- SSDEEP
  
  98304:/HWhBT1l8mO5cjksZ0Wo0D9Owxucj+D1CPwDvt3uF5YCQ3i:EkmO5cjksZ0Wo0D9Oncjs1CPwDvt3uF1
Score

3^/10

discovery
behavioral17
- Target
  
  $PLUGINSDIR/libcurl.dll
- Size
  
  460KB
- MD5
  
  fe5e6aecb98bbcb2cb0e826526dea007
- SHA1
  
  936f0e2ade5a909e714c307c1e2aa2702f1e464c
- SHA256
  
  ec5f18199dc57130082315bfb6baedb8614da92ae256019a30b5880dded9ae47
- SHA512
  
  7ae9fa473e612791a606f6fd7043a5385b3b4eb3bc612652c05d8520d2b2f766232c03de436636362c60b08cbdfec919a35dc07075b2877753ca4779c9cdf0d1
- SSDEEP
  
  6144:I4qgLAB0rrD9mvNqespJ9Y0wf1z9oBVePEZuRblbcLx9v0Q076ImWcuUVm2r:I4qgLAB6uqDpPYRfRmBUPEZOYL5nGOmO
Score

3^/10

discovery
behavioral18
- Target
  
  $PLUGINSDIR/libssl-1_1.dll
- Size
  
  522KB
- MD5
  
  e3f1a7c6d1c185835ceeb3bdf37f9562
- SHA1
  
  ec4b2af33f67f71042c6db751c151fe3c3d56897
- SHA256
  
  4630af7d655a93784e5669be594a0e7ae534d4626e71c1e6acefa722d34a1117
- SHA512
  
  b760dedc74bdfe61f5160cc1bb635b6e972846d190408a4e25078f5295adb286a04faa4dc646f543fbc7729b84f0e27fe2809a3b79ceb058579524250ba1858f
- SSDEEP
  
  12288:XhMtMk0K+ywPBFNSpfvBKA2FSbU2lvza:xMapS9Q1FSU2lvza
Score

3^/10

discovery
behavioral19
- Target
  
  $PLUGINSDIR/libssl-3.dll
- Size
  
  685KB
- MD5
  
  440a0f750f770676aeac4de35fd88637
- SHA1
  
  936ff5cefb86ca17e35debb31d76c9d3cb5f3022
- SHA256
  
  1515c8560dda68c87b0e0de7330d0b7b517b8fe2a89adcfe9922a7301fff4bf0
- SHA512
  
  858689b3931581874e1dc57accedcb46aa12f1339f003b7abf3b9c657bc6b768c7ead01a60244daa13029e41a24dde87a35baee59110072172ef1c8dcb0ec2ad
- SSDEEP
  
  12288:Zc1kFuLKdCNCiSHQtRoqHQqkAEPZPIoQjzY6TpmM8wewqgkLc6WwJuA:A2dYCiSeVH1Lww/qgkLc6WwMA
Score

3^/10

discovery
behavioral20
- Target
  
  $PLUGINSDIR/msvcp140.dll
- Size
  
  439KB
- MD5
  
  5ff1fca37c466d6723ec67be93b51442
- SHA1
  
  34cc4e158092083b13d67d6d2bc9e57b798a303b
- SHA256
  
  5136a49a682ac8d7f1ce71b211de8688fce42ed57210af087a8e2dbc8a934062
- SHA512
  
  4802ef62630c521d83a1d333969593fb00c9b38f82b4d07f70fbd21f495fea9b3f67676064573d2c71c42bc6f701992989742213501b16087bb6110e337c7546
- SSDEEP
  
  12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN
Score

3^/10

discovery
behavioral21
- Target
  
  $PLUGINSDIR/msvcp140_1.dll
- Size
  
  28KB
- MD5
  
  baeb5294985628e64660cbc1eb8a5c92
- SHA1
  
  a69e5cc6a51fe90309664a0bf4d05a70956041fd
- SHA256
  
  6527b9b5a1b7d08b537375dada65bc79f6b6a9bceca55bc28f44eada20e4ce8d
- SHA512
  
  b234b03dbe25ed4265c9f08e9efbb9d94a1077142bc6780162f6b1df547c9dfc37a7342f70e8ec55c7c3b97f73ce819e979bd13f3b43c311df4555150d53de29
- SSDEEP
  
  384:ksmpXUJuJv+VWcn53WeZwyRgAQpBj0HRN750QHRN7u7ll6JpIm4:aUUJvSRhqW5082
Score

3^/10

discovery
behavioral22
- Target
  
  $PLUGINSDIR/msvcp140_2.dll
- Size
  
  169KB
- MD5
  
  b31cacccd4d40bbad92b7248d30fd7ea
- SHA1
  
  5abb563d6b5839456d061eb567508d852ba8ff7d
- SHA256
  
  71b8f5875bd4d29417433fa695fc4500284225a0a7c894d5c5e60fc20c56e3bf
- SHA512
  
  1e7decf8903f67dcf755ab6ea20db2f7c15ceffe840b742e7c5c642c13da5ee9de38ce657bf456a0b6b46ce3ea2a88cd1afd9ae3ea57078a0ceb254b1eec8335
- SSDEEP
  
  3072:FMZBzhr8dqXk7Bto76vriyFiE966jcdZ5EyYyG:WZBziFto76pFiE96skDNG
Score

3^/10

discovery
behavioral23
- Target
  
  $PLUGINSDIR/platforms/qwindows.dll
- Size
  
  1.2MB
- MD5
  
  f52d1908e2d1f5b03b72cc87df48c8ad
- SHA1
  
  aa50aa22dbe42f20e0f67f2102cb37eb39d86dc6
- SHA256
  
  60085c5b61554a1e9d96350f039597a1b77a7576a81a12a24ace9de4c323bb8d
- SHA512
  
  70a67a052c4daa445ca200768f9675ebbc987d86efcdef8bc6b35fbf8b907c4dd48bcde890476001bdeb655606fe00a804de7f5d1b08505bcf7883a5326aa0b2
- SSDEEP
  
  24576:inm505nKXjiBQKwVi6hSVLSTt2By3/nvh8L3nEZm5J:Ym5nuBQHVswZvKjz5J
Score

3^/10

discovery
behavioral24
- Target
  
  $PLUGINSDIR/sqlite3.dll
- Size
  
  1.1MB
- MD5
  
  b8074421d9f92adb9d112b90a54d47d1
- SHA1
  
  97eecbb5adb3d75d7ba791fc8625611e8854ee6e
- SHA256
  
  8ce20d2f27c6574dcaed648971778bb11d1ec18b9a44e879c0e53c1a29273dd8
- SHA512
  
  bef2881cd618c7a8a5871e6f58032ae81225f02bd005355d00ef6b05c30e2a8112763ec1cb0474f1f3fb93d43b8609070d0daf33f0b9fdb92196e1c5fae4213b
- SSDEEP
  
  24576:7vcPcj5w8pcoCGlopTOF+mqpWEWkDOL97iMYG:7NNVcylooLqpWEW2Uxb
Score

3^/10

discovery
behavioral25
- Target
  
  $PLUGINSDIR/styles/qwindowsvistastyle.dll
- Size
  
  129KB
- MD5
  
  cea2589b96f6a9f02fccc0bc0786965f
- SHA1
  
  dc115c308579d59f31346b3535fbc3e0338e0dd8
- SHA256
  
  a0b0177a40b1c74ac79bf31c9f26ab0770d54c2297d68a53d289c48ff5b23edb
- SHA512
  
  7865d1ee088cc880670bebb90ed13f5bb55b14affc98dac1ff9bdfcc94aacc84b1379dedcd1ffc992b8f45df40434bdb1c3a3e396410f2f292fd9c83d7d2c338
- SSDEEP
  
  3072:9d7ZeiD6e0qwpyHHJuw4+mrZNNF+54a9YDU9wRpWi4m7JRBBT30TlaaAjl/Y4WRt:xdb0qLJu3ZonW4GJPBIxaaAjl/Y4WRv1
Score

3^/10

discovery
behavioral26
- Target
  
  $PLUGINSDIR/thinkingdata.dll
- Size
  
  294KB
- MD5
  
  e295bbb7c68f5cb535d72983227b12cd
- SHA1
  
  d42a6214e46e95f082426f52af52ddbe46725a12
- SHA256
  
  e988ebfb5798d712ca21fb8986c06a364b1d1f3b9397277898bf2e80b5818e2b
- SHA512
  
  a84ed487c75b012cd863f044865c4fb9e7cffe354737176f9626ac027d843c763be5668391219c7019fcb419267393f4dc5244020c953cf9ecdf4a68fb67b9f4
- SSDEEP
  
  3072:ZPrwEMlj9iZU+9z/c642+hhCuY7ySVKCWDrq1K31JOmA3oT:Brwhux9z/c6MbCuWzVeblJbf
Score

3^/10

discovery
behavioral27
- Target
  
  uninst.exe
- Size
  
  39.5MB
- MD5
  
  ae3addc133bde6ace1d14e236df9dddc
- SHA1
  
  a2f20faee685abef6b2f678d926c421f812d3d88
- SHA256
  
  683c65d550489f2e0b336e93b6fea6720899051d90b90af9cadc049f237d4fa8
- SHA512
  
  7217c73d18afd071aca8c913d891070e41c88085abc50292db0440ed88e302be559e897157394b55889077adea71d157db4298f6c349cc0dfd3da4a4ebf461cb
- SSDEEP
  
  786432:HSVV95c2UClQzKnYKCOGp4t9ENvEMaCnK:Hx2UCKz+829YcQK
Score

4^/10

discovery
behavioral28
- Target
  
  vccorlib140.dll
- Size
  
  358KB
- MD5
  
  9ac7ad6a47cf8bddce8daffd31cb03a5
- SHA1
  
  55ede0c378279526bf6e8b4093c382ee7ae111db
- SHA256
  
  5966e6f9de7a3aac11d22c899bd7b3a1248b3c375461c1ce10efb8eb871b394e
- SHA512
  
  d31289bc6321a77c8c43a8d49393acb6c97ea9b5ae62fdc1a6a1f17b6a53a91ec1f714d71f1e944bffa041b5f74e0266e68d80844f75fa624a4376d4a8adde3e
- SSDEEP
  
  3072:SYXnkAiObjnmzH0nZxbwUSEHuKJemWtaOkic9VSgtH/5BhhXarUX1RdlWiNiC/0Q:SAkAvbjnmMN9XVFP7/09FSp
Score

1^/10
behavioral29
- Target
  
  vcruntime140.dll
- Size
  
  83KB
- MD5
  
  1453290db80241683288f33e6dd5e80e
- SHA1
  
  29fb9af50458df43ef40bfc8f0f516d0c0a106fd
- SHA256
  
  2b7602cc1521101d116995e3e2ddfe0943349806378a0d40add81ba64e359b6c
- SHA512
  
  4ea48a11e29ea7ac3957dcab1a7912f83fd1c922c43d7b7d78523178fe236b4418729455b78ac672bb5632ecd5400746179802c6a9690adb025270b0ade84e91
- SSDEEP
  
  1536:U3qPWvVCMgfw2eeWqjOebgk0jIpePxd76LGYU8j6ecbolG8EB4h88ii0:U66dsFeeBGPj1L6LGY+ecboC/8ip
Score

1^/10
behavioral30
- Target
  
  vcruntime140_1.dll
- Size
  
  44KB
- MD5
  
  2d4a5e1e503a5ba3d3a1e3b49436b00e
- SHA1
  
  884e2185bce2239afdf2d651a47f45c00d01a6c4
- SHA256
  
  01d686d5122102189c04244f7ce37d8ab86213ae27588e88073ebbe54bcf1452
- SHA512
  
  25877dedc89b89189d4026a8d6f8853cf9d86f1e6733c8bd6d1ccd88626b41005b08135e612b70043050d3a105185d8ed2a9bf89d8c2ad7133282c4c1ca5696c
- SSDEEP
  
  384:jiWe6RE3c6lqst5nZvS05fJjPXR51RWmbzw+XfeDky85xHrwB2BWrYKW8dHRN7WH:wt3csN7xPXdRdP/ve6HrEUeePzvbH/p
Score

1^/10
behavioral31
- Target
  
  zlibwapi.dll
- Size
  
  133KB
- MD5
  
  49efed0fb89cc5630a76e0747540ade3
- SHA1
  
  7427c94d3de81173af23581e05804cde398db5be
- SHA256
  
  503154bb3a6f97d1d0755461f95425052c4e8bbc67000c7897e5e28bce8af62a
- SHA512
  
  560aa37171051267f8e8b6d3ae1badff2557663275a4b893ba3d3984e82385dd61571d67aab17912b702c907df5f3e21581469f59647d000ad7e9dc69075e9fd
- SSDEEP
  
  3072:vmed1In+pQE+BRcCArPR3rvNQasyhLb4qE:vme/In+OSrPR3rFQR
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

T1070

File Deletion

T1070.004

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Enumerates connected drives

Indicator Removal: File Deletion

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32