dd6ef8619477c8669b647546cdd16002c5d6b71cb0207bfcf07175ea3e2e73e5 | Triage

Resubmissions

28-01-2024 08:03

240128-jxsvkseeh3 4

28-01-2024 07:33

240128-jdt9asfhaj 4

Sharing

General

Target

Wondershare.rar
Size

1.7MB
Sample

240128-jxsvkseeh3
MD5

ac473c70e8aa6a596424b16f92c4617d
SHA1

89b1c2783f9f0b9e66a9fd5f799834bad0b75ff8
SHA256

dd6ef8619477c8669b647546cdd16002c5d6b71cb0207bfcf07175ea3e2e73e5
SHA512

32324e99b3b0dd12542f5d8c7097755e65386604cfc7edf29dd5b1121c2de4586913265ea3947274e434402fdc1303f8e83209c7248e8bc974525bb3eb7587da
SSDEEP

49152:OeyBJmfq9G7MMigJjhr8asROqT+Chai3JHke:OtBIS47MkYf+Mxme

Score

4^/10

persistence

Malware Config

Targets

- Target
  
  Wondershare/Wondershare NativePush/WsToastNotification.exe
- Size
  
  2.2MB
- MD5
  
  b32ce8dc420289061b40435fad1837a2
- SHA1
  
  46b41b2233a9a731a1461554f2acaf9abbdb0cd6
- SHA256
  
  246d77f8c053725ae1b11e85d6debe01fee061518cc16b257847a134614a531d
- SHA512
  
  44c2ae46a61f87ce0dd032f97482bb74bec4ed21167539e60df0e11144d352cd3fb00927ccb7a211745414f17e37aace1f2a7127199d3296b37059848f652001
- SSDEEP
  
  49152:tXxT2Yk6VXVprQtwhIq4eKURe1bdUTyxvoT3eT:tXWeQtwg4RepSyxnT
Score

4^/10

persistence
behavioral1
- Target
  
  Wondershare/Wondershare NativePush/cdndown.dll
- Size
  
  830KB
- MD5
  
  c16a8385f5b1faf8445bb6bc18ffc69d
- SHA1
  
  664ce8db9384961717f61255b7a1e2dbdbc0a13a
- SHA256
  
  21414861b2fa96c73ff0232226ee0b9f163eef3300c62670fa3020fb05d40bd1
- SHA512
  
  dcc4b32612bcaa1dce1f0061c006dcbca9e7345ea78faf8062119baf05fda5d590a65aa09cafec1314de1ea0bb52c107acddc664d29aed2278e781beb4232c41
- SSDEEP
  
  12288:Qf67DGAl8n2cV1PrzlGTfScpINJTSr2jGjVHyNvRGjFLarLnEqoGz7Q:a0DGS8n2cV1PNofdONhSajGjJyNvRhEj
Score

1^/10
behavioral2
- Target
  
  Wondershare/Wondershare NativePush/wsUpgrade.dll
- Size
  
  1.2MB
- MD5
  
  dbfb068a458ba8c1c192e81bf2a785c3
- SHA1
  
  cd06bce0b21a5057804516b7a84fd4b96c177b7a
- SHA256
  
  2b58c6e61c04057a377e061fd10bf59a267db6e918981a15f3b1040cb9278434
- SHA512
  
  c50b32ebe9faf000cb2d0f407d44edec673510176b6435142c5122215cb75e8078a5ccfd8b2be9688695bd7ce5c24ddbea01498b3f2b78bb6a2a91d956cbc471
- SSDEEP
  
  24576:tPMIF8w/UVRivhwEjVIJltJh+5P4pxxuDQNA8JIlVC9H8e+ECLRsw3aoTsWwiAss:tPuw//vhwEjVIJ7Jh+5P4pxxuDV8ylfg
Score

1^/10
behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3