262fac5a082726b317e738f86688aa64e1c84c402f444e061487dc6f54fa069f

Sharing

Copy URL

Twitter E-mail

General

Target

VSeeFace-v1.13.38c2.zip
Size

180.8MB
Sample

240701-f4pvqaxdlg
MD5

a74bf67961a44258255a9c3122fabf2b
SHA1

5c28e46167349d4e6cc13cce9fdba68fae37bc12
SHA256

262fac5a082726b317e738f86688aa64e1c84c402f444e061487dc6f54fa069f
SHA512

b39df805b7f2a522507fb7e83bfe512d811ffe757070ef61e596824fe2cf09353069cb709d1b881a2420d055f54cc8c4e02aa8e9098142c8bc2135ffcbd48a3e
SSDEEP

3145728:IX/pDBnLyX6EzzKcCYMSID3Ic+kMwybK8y2Nj5ekrDq+CxgvVTPU8e9BJ5IqjRF:IXRDBLyXGc/MSK3Udjbj5vrm+CxiNS5n

Score

3^/10

execution pyinstaller

Malware Config

Targets

- Target
  
  VSeeFace/MonoBleedingEdge/etc/mono/4.0/DefaultWsdlHelpGenerator.aspx
- Size
  
  59KB
- MD5
  
  f7be9f1841ff92f9d4040aed832e0c79
- SHA1
  
  b3e4b508aab3cf201c06892713b43ddb0c43b7ae
- SHA256
  
  751861040b69ea63a3827507b7c8da9c7f549dc181c1c8af4b7ca78cc97d710a
- SHA512
  
  380e97f7c17ee0fdf6177ed65f6e30de662a33a8a727d9f1874e9f26bd573434c3dedd655b47a21b998d32aaa72a0566df37e901fd6c618854039d5e0cbef3f5
- SSDEEP
  
  768:6CEPutHjvpMgMwP9h5Ij7khsp/6JtEZwMXVtkUI3t3CXyEyk3VbNbqDvJ4oT1y:/r6CdsCOZwMX3k5dWyklh+Dvbw
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  VSeeFace/MonoBleedingEdge/etc/mono/4.5/DefaultWsdlHelpGenerator.aspx
- Size
  
  59KB
- MD5
  
  f7be9f1841ff92f9d4040aed832e0c79
- SHA1
  
  b3e4b508aab3cf201c06892713b43ddb0c43b7ae
- SHA256
  
  751861040b69ea63a3827507b7c8da9c7f549dc181c1c8af4b7ca78cc97d710a
- SHA512
  
  380e97f7c17ee0fdf6177ed65f6e30de662a33a8a727d9f1874e9f26bd573434c3dedd655b47a21b998d32aaa72a0566df37e901fd6c618854039d5e0cbef3f5
- SSDEEP
  
  768:6CEPutHjvpMgMwP9h5Ij7khsp/6JtEZwMXVtkUI3t3CXyEyk3VbNbqDvJ4oT1y:/r6CdsCOZwMX3k5dWyklh+Dvbw
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  VSeeFace/UnityCrashHandler64.exe
- Size
  
  1.0MB
- MD5
  
  7a5e08f27dee85f770f3a3263ed2b233
- SHA1
  
  d80dbac543e2956735e1be65ca54519f636bc90a
- SHA256
  
  7efdd9ef7a395846f894d1b09cd119834907bd6ee3bbeac66e4d49f0324a0f9d
- SHA512
  
  842f5b300fc42d3ee32a13b8d9845856a0273e1a07921db50c31d328c1e6a537b3bd10067f460ab80eb76959cc8986302650a54715b69ed3d2c4b319c803cf46
- SSDEEP
  
  12288:FzZxqFzFWXEtl0itbpwvegH3rMETGLZoyQ5xE/8:FzZxMzFWmltbpAHXwETGVSxc8
Score

1^/10
behavioral5 behavioral6
- Target
  
  VSeeFace/UnityPlayer.dll
- Size
  
  24.9MB
- MD5
  
  1a8b34de127c9abb0652678f8ed3fc1d
- SHA1
  
  c4a3a8dc88a3f19794782a270140879cd071488c
- SHA256
  
  ec0b9b0cb43034947f87fd69f312d05d9228e9658086a7f1c811b58d62feff48
- SHA512
  
  f482ef95eac639ee7b3c50f3f528508595178c71ca49a9a1869ebe33c0bd2c6ac1491a670447911731563660f847052d29bc836260cddc5a4704c6d2e9960425
- SSDEEP
  
  393216:JKsdEvLQy5mzK8ntgLzVB6GM4qGMwuiyrxLt:JmYa7NLUdLt
Score

1^/10
behavioral7 behavioral8
- Target
  
  VSeeFace/VSeeFace.exe
- Size
  
  635KB
- MD5
  
  9563b46fe7df442172a569f2c90f8231
- SHA1
  
  a9cd7810d711e6e613f87608a47492fa1b100adb
- SHA256
  
  0011d598ab64aab694d405dd280306adfcc8f2627e0af2252b0ec4dc8419bacc
- SHA512
  
  ed62afbe9254f8e7b5b2f289077ac44e61ac768886da0693ad85b9fafff195c75e129bfbe27c23509b50878da8f7ad81654222e96f5a5e416d16acbb61c4b3d8
- SSDEEP
  
  3072:Pys7oYfSbbQTLWuiUg7VsS4jMvN0AeUNEizWOFgyPIkL3ukqfuF:P/7oYfSHQPWTUg4ht+zWqgyVf
Score

1^/10
behavioral10 behavioral9
- Target
  
  VSeeFace/VSeeFace_Data/Managed/Accessibility.dll
- Size
  
  12KB
- MD5
  
  63c434b864ff270ce9fef43917dc8621
- SHA1
  
  bd0a92569b2a14f52bea0dc52fae7238332c3b8c
- SHA256
  
  c36813bdf03fbad922e6558756c3cc2956e6f74457003947fa4e91952445e19f
- SHA512
  
  0770253b619a3f5b8154aaceb924e7c97fabcbc33a84db636662c3f8d24ac0967ba479745df6cc0e0b8e38483d2c93164540eb55ae3add512675360e88b125d3
- SSDEEP
  
  192:b1n3RPr/jgUiix4ix4eJFBRbl9KYYoK3ESmMadMpCNSeFU:h3p/jgOvRbli3ESmMadM4NhU
Score

1^/10
behavioral11 behavioral12
- Target
  
  VSeeFace/VSeeFace_Data/Managed/Assembly-CSharp-firstpass.dll
- Size
  
  602KB
- MD5
  
  b1ebb53dd4ce51e1665c067047927f27
- SHA1
  
  9317367789b9d05885ab533984af184a10c15500
- SHA256
  
  e11410763081c9c7e1df5edd3e6b01fbe79bb98cb15a7261c0f1c4f09a275286
- SHA512
  
  ac285adf18061fe92d027d6b65fcb61176e16e4dd4b8a5ffe04c4fae76bbfd034136fabd0eed7dfb0530598d1893b4d53f5df35ff7518122c9aed0315e744176
- SSDEEP
  
  12288:9LQ3s+csmKPEvzDr8a+uJxCnjzND0g8slxuQnYbV3PqXZe:9us+mKP4zFxCnjZD01ERYbV3PqXZ
Score

1^/10
behavioral13 behavioral14
- Target
  
  VSeeFace/VSeeFace_Data/Managed/Assembly-CSharp.dll
- Size
  
  822KB
- MD5
  
  d7720ea91784f00d20d5683fca787e8c
- SHA1
  
  767008f705663fef9caecbb52ef0e5cfbbc4f692
- SHA256
  
  5a24888245967b07a5884a8bd40059e33ff3141608177e7bd4f5c26df67838fe
- SHA512
  
  d55c092d17f53dfab70bfce78cb523386557ff912dc8934e19c91facfe381cb34f8d2c53e5d6b9fc12172b66529ec4b1a57d8985b215e4661f0616f1b72276c1
- SSDEEP
  
  12288:4i/O1t+2Xe8Q1cXM8Y52ZHR219juasbwcdDIg1u+gabJeQXPf:/O1tJQ1cC52f2cwot1u+nbJxXPf
Score

1^/10
behavioral15 behavioral16
- Target
  
  VSeeFace/VSeeFace_Data/Managed/FastSpringBone.dll
- Size
  
  20KB
- MD5
  
  73c5fce37c43810875cb13aa30c4cb6d
- SHA1
  
  3990f78ca50b337e1417aeadac552f4388d4a9d2
- SHA256
  
  4a2693cb4d64be292e889ce7c33666544f5feb0b0228e1a37009205c0d02b73b
- SHA512
  
  a66316e0ce2de1bab40ccbee6f395d749ab06bfdbfed1ef763ba6627d1ca590f7ef75dfc78f4c7b642f1761c18cd4b81663cece9783c702b7a007b0725350269
- SSDEEP
  
  384:gDq//TDbmoELR9t7nNAXwN/wbWwMSYd9fpN1ycJGyWOEcnIz:mq/bWBvR2XwoRYnpXyg/WOI
Score

1^/10
behavioral17 behavioral18
- Target
  
  VSeeFace/VSeeFace_Data/Managed/LeapMotion.LeapCSharp.dll
- Size
  
  81KB
- MD5
  
  8ca98a72ff4e7c7a791bf428c3c63bde
- SHA1
  
  8555bc705fa8e504f7f26fc51cef45927b3f07e7
- SHA256
  
  c4c4247c65f46049fa1b574b9ec3c0c906e39999c12c174a13fb2794cea2743e
- SHA512
  
  bd8e42920aa5db0569105bf3b578f95d9b8d7cf60bfc2b3864e232bf09fd1d964cecd10b8b54c19ce4418f779ca9d020376ff03b77d369bbb508bfb9ba081fb3
- SSDEEP
  
  1536:u2JK3Q1Vend0PmkxE4xymQJiniLiQQoNKy4iCIr5:u8aQ1VtP1DymQEnPQQ+K1sd
Score

1^/10
behavioral19 behavioral20
- Target
  
  VSeeFace/VSeeFace_Data/Managed/LeapMotion.dll
- Size
  
  386KB
- MD5
  
  a145d4cfcb8d40280b33524ffd6c2e55
- SHA1
  
  dd72d7cc73e2951177b4150c28ec29143cc26300
- SHA256
  
  6b022a38fc560afd470f59c06c1c0f9b57ae37a6b00d949ce250d38f7df8d09a
- SHA512
  
  85687334b9920f130edfd758300a853661d0b6f681da4f9571d707ffe409aac604eb982c0afa90d240d59375db055c24e844d8cd3f737aab3e6970dc36cb4eca
- SSDEEP
  
  6144:FQjbKa/CPmfgkUDSItJEjcWKnbMSc1IwzIigHo0c:FKKakmfgkUOGq4lMSc15SoD
Score

1^/10
behavioral21 behavioral22
- Target
  
  VSeeFace/VSeeFace_Data/Managed/MG.GIF.dll
- Size
  
  9KB
- MD5
  
  5bab8ff2999d1dfedd509c18072de45d
- SHA1
  
  f094872ed9ffd3319168fc45583f89d937a7def6
- SHA256
  
  e0665e5b7e30548557516c6257e00a090b8a868da413cf35c62a94e6c9e9b453
- SHA512
  
  503c42b8bd1fd3ad425a9b74c13d6e2287eff908da9266ede58cd7bc33ccdb48a18099b5dbe9097a40c9ce0664f7e7acb9ac26827ae10814248d873845aa94f1
- SSDEEP
  
  96:qu5Cyh+LwRZ55+ZOlqlYKH4CUiKRFz3p0KBLTo6V3CTN7LdFdFwVpJjVknUe2:quU5LE55VghKvz3p0Kho6ENtxE
Score

1^/10
behavioral23 behavioral24
- Target
  
  VSeeFace/VSeeFace_Data/Managed/MToon.dll
- Size
  
  16KB
- MD5
  
  1e3c1cd242fc9f5c4d70e447d797c8e8
- SHA1
  
  de2d5a8dad42b580867fd09d11d4b1bc2d21dbde
- SHA256
  
  696d5a9a7825d7824992e104fe761b87d2d8106caa04b000a727fa0592d69da1
- SHA512
  
  a79974aef375369203b33e11111927436debfe551f98634b7ebfdc2f1d04d276ee879487530c65a26bfa7266928a95ebf04f9ae46e07dc515ffed16654347c57
- SSDEEP
  
  384:q8ZoFHBxYrBVsBQuivOafxGGbi25gewrR0sS8PnaoAc:cFnYrBVsBQN2a5wrRUoh
Score

1^/10
behavioral25 behavioral26
- Target
  
  VSeeFace/VSeeFace_Data/Managed/MagicaCloth.dll
- Size
  
  390KB
- MD5
  
  dd00f57cd1bf008fea41c16f8ba4fe3c
- SHA1
  
  4620fc1b2f31bb38514511ed41fda4b0a1959db0
- SHA256
  
  fc40b109cf8d5614df9e27699d6823314c995550a8fc0f1b8951a7136d239664
- SHA512
  
  79622dd4a99d9152fcaad167ca48e4bf4f5e90e4136b4585f70c2b8cae33136be18d3ea03cf4bbd9b3ae359cb6231dcb6dd89d20744d94daebca13f799ec3ad4
- SSDEEP
  
  6144:GZqHy77+o3UMD8lkXqvctHeQuBKfdnvAvosIl0E1DOiJiC3f44mEW1:G+y77+MwuaouKfpvm5aaCP
Score

1^/10
behavioral27 behavioral28
- Target
  
  VSeeFace/VSeeFace_Data/Managed/Mono.Data.Sqlite.dll
- Size
  
  163KB
- MD5
  
  c3f45469e392a105cffe6ce007a54a61
- SHA1
  
  bf0edef3a0cb5fc35920497a108600d5625b869a
- SHA256
  
  5cfd7d5e444ec8d53755d4d82220524aa455f34b87a6f740b984d50465d76d4b
- SHA512
  
  d2fff88539fe6999ea428416cc153500f9ba5c2d130888853bec3568b1599b60d84da40fc3b7f08d4bde439c2d2500c720084064f92277a2ef16840a7cb83ff9
- SSDEEP
  
  3072:9b4Gh78nIXk4uuIgZUHfdNQFNFGFOFwcGF6cmFWc0FWc8cIcKcUFJFpcNcHc7cbz:9b5qI04uuIg+H7QFNFGFOFwcGF6cmFWt
Score

1^/10
behavioral29 behavioral30
- Target
  
  VSeeFace/VSeeFace_Data/Managed/Mono.Posix.dll
- Size
  
  207KB
- MD5
  
  72c9ea78101c493635c0f763d1795d7a
- SHA1
  
  c04e331b6415bf566e1aa26550bf794651704c7c
- SHA256
  
  a33abceffeaa6b6d5dbd2cf77210daddfe331ed40eeae4cea3c5efb0c0db2cc0
- SHA512
  
  4dcc9495000f0cb0d93381a466f8d0553c2f9ef9521ac71979371b5eded37a25224a861ccc101a24b0b2741d30efb71d81d03fa00ca476bf8339c1786d9c46f2
- SSDEEP
  
  6144:9c9wE0Q11JQ1S+OWMYU7nUXxOwblnsAPe+Eg:9c9wE0Q11JQE+kY1SA1
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32