c8d459b37ed4ae108b5590edec6cf9683f5cb0ad2201783e576865b8c1b79dad

Sharing

Copy URL Twitter E-mail

General

Target

CONECTAR MANDO PS3 (1).rar
Size

9.7MB
Sample

240122-3e9vxsdhdk
MD5

ed64f1521d7f0daa8478d94ede96ab65
SHA1

b8e2a9e29885b8d762604b66fbcb6f7358455ade
SHA256

c8d459b37ed4ae108b5590edec6cf9683f5cb0ad2201783e576865b8c1b79dad
SHA512

3be37f0948eba69145f335489c9c9e28e7194b45298b996dc785b5c3c99bd4f3a565929bcd7e56f088bdcd3042fa17dfe9a3f7bb6a557ed6747047b0e12ac6d7
SSDEEP

196608:XBGXcxrQnqaMPZaSwgkOI9zqZoGPCHkr33FwJK0tsEQp2OYQZv10qEhOJZ:XBG6aMPIFgkOiqZPPSkr3B0MEnQZt0qr

Score

7^/10

Malware Config

Targets

- Target
  
  CONECTAR MANDO PS3/BLUETHOOTH/BthPS3Setup_x64.msi
- Size
  
  3.3MB
- MD5
  
  03df9c77f6f4d42024dd15e9ff4f5141
- SHA1
  
  394404dfe6c1d57e70721f0ce552cc0e0d2dd09a
- SHA256
  
  e503d91f53efd6c1b96c231fc6a85c611fa79987dfffb3a5f8ef695165a28b4a
- SHA512
  
  abf7ab91bd0dce22d6719fd90af0f9dc64bd5059bb48daea0c79af41bcf6c964764f2d6ea263266404f6e2df0cdc6cd8ce651ac6b2be67cc40cb00bf40ed7e06
- SSDEEP
  
  49152:pSDVehfTu/AVoMGlgp3lRq+QHRUt0QRuvQOKh8DSNO2A5ntf4agYzqP16ZDY5E80:paVehLKi8glTKHSEjnTtf4z0DY5E8lG
Score

7^/10
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2
- Target
  
  CONECTAR MANDO PS3/BLUETHOOTH/BthPS3Setup_x86.msi
- Size
  
  3.0MB
- MD5
  
  fd81d0e9a638a9664d7e3332e124e787
- SHA1
  
  e23e771e2b2b8747f24d64b3cf8791dcee55f919
- SHA256
  
  cf23fbbf5d8b464c579c57640d6da76a767003e957268b69b96c9ce32d215f5e
- SHA512
  
  358f4615d847419a57e5c09385860784e3ab2f1b6a70445ec8a25302bc3a09c3dca8ab3592d7415e26d7148d3d524fecc846f4b360ef9a92a84ad90962c6a236
- SSDEEP
  
  98304:S6xh0DeTVVQMhbgwgr1f88lXA15flOs6YV0FLG:SOweTVVQMhklfVRA5d5d
Score

7^/10
- Loads dropped DLL
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral3 behavioral4
- Target
  
  CONECTAR MANDO PS3/CABLE/DSHMC.exe
- Size
  
  3.4MB
- MD5
  
  a8fac715901cfa315425fe12876b5814
- SHA1
  
  a45f1891cda4b61807d1d682e285b92686bf2742
- SHA256
  
  10e03a6fd23c96790a89d2001b323f77d8efb46290948d984fb325b58bc88cc5
- SHA512
  
  f219389183e1321da35c5b7e86a6e860716abdf95e876bee8d4b346c8ed4f72af60c270c7e2d6dc02a3afa805b39f05d4156d79d6f01bc1dc73b806783fb4a9e
- SSDEEP
  
  49152:8BlhzjSixb+YKwpiDeAjDHDO8uqVnDk+zxsIRzyfnTJbStH8PAFUc7B:87hzjSi8YH4L/jDDk+lm08YFUcN
Score

1^/10
behavioral5 behavioral6
- Target
  
  CONECTAR MANDO PS3/CABLE/x64/XInput1_3.dll
- Size
  
  29KB
- MD5
  
  f2da09030a83dc3a5f44e0e3d30c6b87
- SHA1
  
  a2b929787f8f9b17da3bb2617b322064165653c2
- SHA256
  
  79da6f81b877dcbdcc234e7158191d6555d0c56ee69329641fd051551eb5f770
- SHA512
  
  4c00203c0e1803c3a4c9b97e5fe918db40e9467702eea5da2885dcf5c9f5aa15de8a8c55e459463130173df06e36d3a18c6c1f9e9fb726c13bda72d64c356488
- SSDEEP
  
  384:OiQ7djwGVpECWcnyhJwbVn5+qUVzV0Yvjd/FVgNCxLaGlNVDuGeRonBF04TqC:Oi0rVQJwbVn5+vV504fggx2GlNMc6
Score

1^/10
behavioral7 behavioral8
- Target
  
  CONECTAR MANDO PS3/CABLE/x64/dshidmini.dll
- Size
  
  236KB
- MD5
  
  590daeba78f0e711fcff5c784fc6ee98
- SHA1
  
  9b0658775fd605ef5d40d097734f0c4637820c8d
- SHA256
  
  cacd7e2abe5955c8eadf0c80ac72c4b2741bbe84522e88c14336d155a343eebc
- SHA512
  
  67a68ca80505448a95a0c4c4d17a441cdd0edd0c09412797df61be71059b961a6ce50cf99b4f52b1b970f7aa1077a64baf58d09304b6b1cf95d7502f6e398fa4
- SSDEEP
  
  6144:oeNLdW4NbIQWnmfWLXpXG9Q2bs3CqNxDt:oGI4NbIQWLZXU5sXNxh
Score

1^/10
behavioral10 behavioral9
- Target
  
  CONECTAR MANDO PS3/CABLE/x64/dshidmini/dshidmini.dll
- Size
  
  240KB
- MD5
  
  ce1ba56fd413818c5ede3e4fc9138321
- SHA1
  
  6ff3533eee5029d0ed8a8a5d6a06f3982fb8d9eb
- SHA256
  
  c5fe1228126e1384b8ebaafb7ae253007bb1484624db6f7ebeba9fe3f6b338f1
- SHA512
  
  fb0f83663f9bf51a726c3dbed5985943b79d7147c0e877f391cccd96158af1d1370ef142547d304f6ad977ef3a4df29b16954c5d1d910dfa5263002003e25969
- SSDEEP
  
  3072:j+ReYdCLdWZOLNCU7E7sWnmf6xa5X9xb3+Xp1BZjluvqutQ2j0sB+3CgnNyBqXvT:weNLdW4NbIQWnmfWLXpXG9Q2bs3CqNx
Score

1^/10
behavioral11 behavioral12
- Target
  
  CONECTAR MANDO PS3/CABLE/x64/dshidmini/nssmkig.sys
- Size
  
  34KB
- MD5
  
  1c6a558fd14c1acf7aec6d494d68997e
- SHA1
  
  7b180055ac431448f9825dc20834c1e6a3c217b3
- SHA256
  
  4b05dadb715e1ade09b921706936088af0999285ac76528bc6179a38d8284ce7
- SHA512
  
  86161a4776ae5e2fd48737c290141d00c649e103e5bc558dc2f878098e27f3e6936b5a243d292f4ac998986c02da8d54fdb3221699fd90fe9c338fd7ebbf1e10
- SSDEEP
  
  384:bbbqUb4USyw5sW+frudHHxvsfuUcplkQh9ZmgZsHL5WnZMuLh3os9lTD5:/bqu1tpKxEurfkQhsIdt3oo
Score

1^/10
behavioral13 behavioral14
- Target
  
  CONECTAR MANDO PS3/CABLE/x86/XInput1_3.dll
- Size
  
  24KB
- MD5
  
  5902e1f90d67ae8b27903a56cd1558d3
- SHA1
  
  21a5a73e40d64afb415cbc69fb6c727ec4798e98
- SHA256
  
  413e64c394d211b721a5e7b66443cf1b501d509ac8f4c9ffe6fe38d1f93dfacb
- SHA512
  
  41c5ecf1f259a711a3dde92584b09138abbfaede0f7de9108776fe633fbe6d126a16887821514aad810a026c179a2cb2898ef02899c9a4d8c1e2658a1cfd54b9
- SSDEEP
  
  384:vPcIVBSkh3YZMIVBSk2+wDl+nxD+LR7tsmAGYtNgYjCzGld1tFeRoEK9p7lyI:vPcI/huZMI/h216NyRNAHUGldxnlH
Score

1^/10
behavioral15 behavioral16
- Target
  
  CONECTAR MANDO PS3/CABLE/x86/dshidmini.dll
- Size
  
  187KB
- MD5
  
  f253751170a0342184fb57e55ca15187
- SHA1
  
  0b781c626e2ed15471fad85e3a9da7bad565f885
- SHA256
  
  5c3ccf0daeb74c4148b2db3c2a321538a5406a41c87eba06a4e5c0aef13a1661
- SHA512
  
  edcffdc75f59fe891fee71ec2aa76c83ba2103107a906e44fcfbd8a913828a26349ea45995385488e534389ab3795990aa0b137f57d9fd2440e278b7749d29b2
- SSDEEP
  
  3072:zzvRsPLQQwRYVKoITBiVN+TZMHqc1WY5lp1uWF9nN4I9a3Ru2vVC00Rs:z9sT6RYVKoCBiVwelTNRKRdYns
Score

1^/10
behavioral17 behavioral18
- Target
  
  CONECTAR MANDO PS3/CABLE/x86/dshidmini/dshidmini.dll
- Size
  
  192KB
- MD5
  
  27df9dbde6c836012dfc0701e4266a2e
- SHA1
  
  0e2e4a716702d8ca99ab3297e8031d8d9c891957
- SHA256
  
  df5a3f739d459977015931aa94d096a0146805abc08c2f0b643d9f8456156de7
- SHA512
  
  f00078d76cb9f8f326569cc662860a539f8b01ae9b2cbcf96d4b220be3651c63aee35a16730d4dbddfc8409a4a8503ef01b044102d48860a2d72081345e473f0
- SSDEEP
  
  3072:1zvRsPLQQwRYVKoITBiVN+TZMHqc1WY5lp1uWF9nN4I9a3Ru2vVC00:19sT6RYVKoCBiVwelTNRKRdY
Score

1^/10
behavioral19 behavioral20
- Target
  
  CONECTAR MANDO PS3/CABLE/x86/dshidmini/nssmkig.sys
- Size
  
  30KB
- MD5
  
  eb9b858a7e8b9e5f5902c07937eb1987
- SHA1
  
  88f30961ba2da36398f9aca00a9b6da41bbc2d00
- SHA256
  
  46560d36fb2c5e6b56346ee10096052e0349e9f6fe82dc1628a044bc23a918f7
- SHA512
  
  9cbefd085bbb3fb4ecd80e89e9568f9d7c4a8d5ed6959f23bd4375887dde428a35ec0d1afe46e7a1231dc55379902ad0fa5f803198cd9bc57cc41ef3a2dde70d
- SSDEEP
  
  384:IS2sinGeNMZA/mplCoMCh9ZmgZsHLMWzuLh32P6Imlct:KsinG0MqufCFChs2t3Et
Score

1^/10
behavioral21 behavioral22

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Blocklisted process makes network request

Enumerates connected drives

Loads dropped DLL

Blocklisted process makes network request

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22