5800a1e7bf0ec53bed0fa97b616b893c7b6c346243b45fa90cd82a69facfa135

Sharing

Copy URL

Twitter E-mail

General

Target

2b3dd63bd0bf62fb6827dff4f323a0c8099313ea7826e74c6d592248e2595bef.zip.zip
Size

3.5MB
Sample

231107-rdy69agb4y
MD5

16fdeceab68cd5094546e8be3bc55a84
SHA1

0816d62cbd96804c71e83eab53df57a8e360caf5
SHA256

5800a1e7bf0ec53bed0fa97b616b893c7b6c346243b45fa90cd82a69facfa135
SHA512

d3b97167d678e70603222668876008607518d71982ea6af0531ac0dfe509e53cf23e8603ec29f6de2b0d3c3ca87d2f9e97349bc014f707116c4fd50d39e6b62d
SSDEEP

98304:xtRuH83LB40waztEBIGEOrk+Nc5V4mK8C2lST:Qc3q0BztEBIzO52V08Vl+

Score

8^/10

Malware Config

Targets

- Target
  
  DS4Windows/BezierCurveEditor/build.js
- Size
  
  431KB
- MD5
  
  61b6490d371c57d566ae713880f3ab40
- SHA1
  
  36c2071e549545f02deb5500c296f343d88b08f8
- SHA256
  
  fce907cf01187e1ca0afb91341fb6d793a97d359918278a759ad03ab4dd71348
- SHA512
  
  b6c5b64ad02e85087d2ea71938ad1e1cafeba13184e3ed3eca31a3da47bcdf8e58fed3dae50917a797f7d0bed89a12d391fbcfe0246c264e82bb581866f36953
- SSDEEP
  
  12288:9eTeocrhC4KAl6QhcrlsM0q8btBFWW5Ovyf6Bv+JWcwxXAc6EHmSZGlYBDdyNdyI:IqWcwxXAIG6RdyNdyFmL5NyiBDpgnU
Score

1^/10
behavioral1 behavioral2
- Target
  
  DS4Windows/BezierCurveEditor/index.html
- Size
  
  193B
- MD5
  
  b7f3e0aec1e9905b2706285819ad8627
- SHA1
  
  c86d0c917ef8b6e1ee25d034fad53b0b9f6ba5c4
- SHA256
  
  fbd5e846237145aaa4b1d5275eaf95013a31d41e9cdaaad032d583245de54a7e
- SHA512
  
  036375d1801c4b85c8454a874267cef9dc49bd7aa73a49e308584fca8cd188857ba625f1033149f0a9aa395c5ccb78d1f1abc73e2b85339a6c5895d46759a080
Score

1^/10
behavioral3 behavioral4
- Target
  
  DS4Windows/DS4Updater.exe
- Size
  
  803KB
- MD5
  
  36c2074cf30fd2f960108eda26977645
- SHA1
  
  8fb0cece7ed4fd698ef6f6ee7a519560b41edf71
- SHA256
  
  1fb782d6531582a5c86b1a1a4715b0692728396622cf27fcc3abbf0390f8d100
- SHA512
  
  b73b06e317cd8242566b9f3a71ce2c4e1307b6a2895f5a903859d75853d0d2c5d5f1ef2a7ace4e3bab8a62db7e0194262c8ca0d0fba40563ccb753d6485fd3bf
- SSDEEP
  
  3072:SguAgTsGLYEZl70PsLko1Gs2T/0oim/JbRZzlZ2pvqaDrJ0M6gAAAAAWAAAAAWAT:S5twsLko1Gs2T/pPlZ2Bqml0MA
Score

8^/10
- Downloads MZ/PE file
behavioral5 behavioral6
- Target
  
  DS4Windows/DS4Windows.dll
- Size
  
  3.4MB
- MD5
  
  10347d0ccb561276a5929dae9a65affd
- SHA1
  
  7ddbec2ff14f5e0d832bd383d2f7d40240cb11d4
- SHA256
  
  56537a1ec6beedd051ac4343cd032e5830da6160741cb31a2eaed19ad2061242
- SHA512
  
  8451020f9fc6b62ecdf597d41168387ca4ecbfa07775f41dd5f7da41e2c6a83eea265b7f3b69a8d1ae4c77c3d06f8798160cb734ba93782cc074ea9acc8f600c
- SSDEEP
  
  49152:kwzcUgVWQbnPJ5vFqTdheWCMPQCZuYd6wzMlH0hwzMdVzA:kwzcUgFcuLwz0HYwzSVz
Score

1^/10
behavioral7 behavioral8
- Target
  
  DS4Windows/DS4Windows.exe
- Size
  
  465KB
- MD5
  
  e04a76a4b5a4c802eb3c228909f60bbb
- SHA1
  
  5ebb77a556b04faceba7f89b9b4f13343298889a
- SHA256
  
  f81c1245f856b7764ef90626a708c684f6117f6e2125582b2c5de1d1218b634c
- SHA512
  
  bcfe476f8b01601dd7411e97b7895a340c65c720881cfbea5218f4a2aba8ab8757de19e8729edafbf8c711efe8ccf07a1f16bdf4034855fced43ce0a9bd97331
- SSDEEP
  
  3072:t8vbzyQ6Y1YXrbNK+3FNxacPEMk6VRQAaTWHAxE53PXJagcxjiitVqDRHFljXfuk:tszAXNK+3FVBRQ9TWgi3P5zMmh
Score

8^/10
- Downloads MZ/PE file
- Drops desktop.ini file(s)
behavioral10 behavioral9
- Target
  
  DS4Windows/DependencyPropertyGenerator.Core.dll
- Size
  
  40KB
- MD5
  
  d9732473b12f627c54c5c71849f99e19
- SHA1
  
  1fb1e2f5a4518571f7824001f6fa39def92c8df4
- SHA256
  
  cf1c009fb3dfc12623d83b513e5bab0e98108a00d507ec3d5cac44386f4f4368
- SHA512
  
  51e604128522429635cfc8af582b437f9d4642ce23f8b1a7167d770a0dc7ff0865b6f19e0d13d0870dc5ec41715961c18522639ecd7bad92eb646418da40fe6c
- SSDEEP
  
  768:Nx6IpmUNGrcwq6dfMqUxgnT6OEwsyG8mAJgvf4Fq6prG:SGmUNsJMq/VdmAJ24Eky
Score

1^/10
behavioral11 behavioral12
- Target
  
  DS4Windows/DotNetProjects.Wpf.Extended.Toolkit.dll
- Size
  
  1.1MB
- MD5
  
  b59365511c243acc47608e40f56d49ba
- SHA1
  
  296b73df2f12180cb766ea6a503c8d29a2a7dbcb
- SHA256
  
  fbb700ca8188b4cf36e6d42d2eb01d5fedeff9bbf7a632135cf17bd6e11e2794
- SHA512
  
  5c1c7a01a62f611e6a5e5f2853833ce660b918093d8f09dd77d10e4d2f5e849f2de592521d6c6231f63c6dba233059b3775d7a4718f10b02c04d5d784e85840a
- SSDEEP
  
  24576:f679he0vKEw8j/7gFAKlu3z6IKnl+SvmKLgYbbWlvrlviW2Bn8XxiaRYV8BH4G6X:frTk/7gFAKlu3z6f/vZLgYWlvrlv/Eaa
Score

1^/10
behavioral13 behavioral14
- Target
  
  DS4Windows/FakerInputDll.dll
- Size
  
  24KB
- MD5
  
  f9dcb7840822eb05881e5d6ca52decab
- SHA1
  
  b425481a2c7371ec4bcb427c2fff8c97c42e02b0
- SHA256
  
  0f87332917dabe83260a391551d18ff9d1ea7e3418003d6dfa6b1d2141b785ff
- SHA512
  
  9cfa16c722456d32fa73236bc199c8261a1e2eda8770916d4cd6064645737a0a0196aa5d19dcbf19f97880a8bc831e427ec24c5dde104ee688703042196962e7
- SSDEEP
  
  384:64gkmgmyLjD466KN9TGfZTbGhGAp9E+88ZpHOA1GY:0JZyLjDd/wTEp9E+8iROAZ
Score

1^/10
behavioral15 behavioral16
- Target
  
  DS4Windows/FakerInputWrapper.dll
- Size
  
  10KB
- MD5
  
  33516f16e0ecbcf00b91c5eb44f3fbc7
- SHA1
  
  07d52841a265d03aac6a86a867fa0da349a82ad5
- SHA256
  
  3dced5c21f901c321a50209b62e1b0703ab4ee243f60cb3167e20179207d4771
- SHA512
  
  8513bc0ec9bde02e0c3a83326825e9f5f93223b74203a369aa156e11693c8c37115aad1099b5ab7c196cccb07ccfc4f8a27775b3c18cb41a4196a52788d030b7
- SSDEEP
  
  192:vL9KjGTKiNUiG48U2JNe2iclmbecGIlsbgU3K5shXIPi:vTTtuiG4t2neSsynIlW7a524q
Score

1^/10
behavioral17 behavioral18
- Target
  
  DS4Windows/H.NotifyIcon.Wpf.dll
- Size
  
  107KB
- MD5
  
  c55c75689792afd64a98f718afb4cebf
- SHA1
  
  2214f96afc928a22e04bfbc5a27723b6a335c18a
- SHA256
  
  a1978032615d674ea6a3fa993c22494dc586fc3c39aef365c717891191a50d5b
- SHA512
  
  6ca10d229cd9d2f95af2a57c1adc3f41529308a86bc6705339569dff5b6dbeb351e8ff721f270a526b2cc3bfd2585f9b789defab1945083a9ea9999a67562003
- SSDEEP
  
  1536:LMOfka/e3vsqlo+NJMTwor8JgejId0cUgh/Gp8hZ86nYuVJEkyyGr:LMO8a0vsomBAJgeUd0bS+8hZZnrBlGr
Score

1^/10
behavioral19 behavioral20
- Target
  
  DS4Windows/H.NotifyIcon.dll
- Size
  
  328KB
- MD5
  
  a11cf38e9090ec05a2801b0a2b91cab9
- SHA1
  
  d9f0e79ef133ee0038ffeb4ffb15625749606a34
- SHA256
  
  24c24bec4581b876f52fed8951b0a2d7af51f7571216a7a8452e474a324eb6e8
- SHA512
  
  994f25ac9a9c656d97fc79447d0aa9169ac34b92608a8ecf5923ec5d09529f8e4c291ffc70dad07d775b3082670cc8f78aa9ceb50a19d57fcede20ad863584d4
- SSDEEP
  
  6144:FLpVQGZg9B5lvZF/HXvwq1bI4eZzf+zkmKN:Fb9ZIbDI4s
Score

1^/10
behavioral21 behavioral22
- Target
  
  DS4Windows/HttpProgress.dll
- Size
  
  13KB
- MD5
  
  e97fb25cb7d477d5c3116f3add7c060e
- SHA1
  
  a764ff39dd41f97f0a4d224acec348d75eef337a
- SHA256
  
  a6c28242c760db5713f12a292a87c470e39e42aef8663d02af8e72a3658b97ba
- SHA512
  
  6c1580d60755fc2f89403138ac082ab7b57d215cb20493f092502d30fb5604340cc016aa5c72300bfc22d3e4add0b12d487f3bcf213044d41c6c13e9b1dfbcaf
- SSDEEP
  
  384:D4DXA5xR0vFPNBJYEk7tpwkjRdmTBHeu5unsEga:D0e0dN7YEkPPmUuDG
Score

1^/10
behavioral23 behavioral24
- Target
  
  DS4Windows/ICSharpCode.AvalonEdit.dll
- Size
  
  602KB
- MD5
  
  7ca104c3e98d3cbd162fdef84edd3b8f
- SHA1
  
  d33e18462f8fefc374fb2ce286d2e176bf414bab
- SHA256
  
  2417e116ed23b3cb7ded9759bdf7dbdcfae0f7d58d71b1dd5e264f5510d3eea1
- SHA512
  
  23aaf202b7e50e5b621bbbf720214f2732ab4013dc34c12f0cc9dcca51c0afdcb0f1a696c425449767c49aafa4e834b8e4ee03c0fe48664d37a3b3ba07a3f4c8
- SSDEEP
  
  6144:TkAkAepj9cKU7RrHLF+UpC5Heq4h2Eoj51+8isj3V+oCiTfWAqjot:fs9Hh48GL
Score

1^/10
behavioral25 behavioral26
- Target
  
  DS4Windows/Lang/ar/DS4Windows.resources.dll
- Size
  
  11KB
- MD5
  
  ab9262cd7688eb3713009e4b9075c061
- SHA1
  
  a8879f1b9df0164a197fdd4cbe3277cbe30331a3
- SHA256
  
  a22d437dec9d69922133f733c0d9cf2b71891300975802bdd29de601732e50c1
- SHA512
  
  85a38e62d92795de4fe38fb1c7a34ebcf9208726e20e3a3a2d08019fe2612bee18abd642520a3e84fa85bb68b4febdc1b05cc4c0cc95567ef5859353c3411c05
- SSDEEP
  
  192:kfu+KU6KRsQK+HDEiv/4Leric7xu0l3NAx33ZbHCZADocvcQ50rz:ku+KUUQKQDV9ric1Bqx3pLycvcbz
Score

1^/10
behavioral27 behavioral28
- Target
  
  DS4Windows/Lang/cs/DS4Windows.resources.dll
- Size
  
  11KB
- MD5
  
  d7507714c8f12198e5474d7ef94e2053
- SHA1
  
  d0ae6ad04799bce02d6670f9a57855ab1e0102ee
- SHA256
  
  14f27c97f4ac88ee8397cdf8a50a8b928efb157487c75354a353b1dc699281ea
- SHA512
  
  7ff8a96c9c14321f351b31e666781bd101e53611ccd0a8212b023824a1826b7bae573e6fc7f59f172d16376fd41819be2dac07d72ee873f9031625a2f084bae8
- SSDEEP
  
  192:FGW++aXn5HmUIgixETvqnIevHA5q5BauZADftJH/fODv57ZW9Gyrj:gW+F5GUvixqAHA5q5Bcf7Hs0nj
Score

1^/10
behavioral29 behavioral30
- Target
  
  DS4Windows/Lang/de/DS4Windows.resources.dll
- Size
  
  17KB
- MD5
  
  f142427e8af0cb303459a6773f0a92bc
- SHA1
  
  b4cbf951cb6bebe0087c3c2d78dd3194fc1a25e3
- SHA256
  
  154205a5e7b27fadecb0718aa5c5946819677d57403b11b370e5730b0ab40661
- SHA512
  
  6b6511c182f8b6c56064d1b4ee97e0516264d99f98883daca5df73d059c6f3a0f2cc3a4dd4b4bf2d86ed780fae421df88a5f2ccf0fa8455dede3e676f398e1c1
- SSDEEP
  
  384:4X+sQkseJ8FUPbyUBuXbDWo1hF7EAAobWsEj:eseJ8FUpBuXbT1h1EAAobWsQ
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Downloads MZ/PE file

Downloads MZ/PE file

Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32