General

  • Target

    Wave Browser.exe

  • Size

    1010KB

  • Sample

    240302-vhq8zsfb7v

  • MD5

    a69d796ab71f88742ebc5317ff46015a

  • SHA1

    e0161537372941371751cfc3defe9041b03251c1

  • SHA256

    204259fc2caf158eb9bfae76aa4204dde93a18643f5cbb578d8f93260f11593d

  • SHA512

    c948df9b292b6e4340e1329bdc467fb8ba9d4d8d08256d761efcd451d50c9432dc08ad4fa030f6a65d4abb7ab7ecf266b93421e16e14c655391a13e6c88745d4

  • SSDEEP

    24576:ZvKZo9CjuY5/2K0C0gAhaTbE/7nkP7OZo/UcvbAyuoW:ZOocu8/7oebE/7e7OQUcjJW

Targets

    • Target

      Wave Browser.exe

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks whether UAC is enabled

    • Target

      $PLUGINSDIR/Info.rtf

    • Size

      5KB

    • MD5

      cfbd5977d307b56832ca92ac0999efed

    • SHA1

      e602dbb36161976e055532693433e811a48bf61c

    • SHA256

      9f5f3345cf988a4c15872cab84efeea9791ae835a7d48296b12d4dfdbfaf9937

    • SHA512

      0c2a45a73bd7021852b69d30a297e7b67fd3f26f04b675151e256c97865186ba0e8ed28a7500af0d02f3c3842c8b4d7b81e6e13a0891d6667c87608457c5ca9b

    • SSDEEP

      96:MhVhK9ntHkZ2Pf6WeInhVSrZxKtctiK6LA8Ze771X4Lt5K2:cVwLHp6OnhVSCBve771Xsk2

    Score
    4/10
    • Target

      $PLUGINSDIR/SWUpdaterSetup.exe

    • Size

      796KB

    • MD5

      18693249f3a283e83b8179e692ffbba9

    • SHA1

      546c0d89f8c8096d22c6f6be7e843cf5ce08e220

    • SHA256

      3d828bcccc628e7096856337b178da5608a6c3db99383374e6c49d50a1895e64

    • SHA512

      1ab246fea99daf75831f26930d458a05ff0efd5f9c71c9c4396681a065fcf9f5c04af774df34ad55e140b71d41e42254ee2d9dabbb18009800bdfc62170a8c39

    • SSDEEP

      24576:f/RUhtSWUeNXoCPxjyJVhGi4vGuOg9ajduJd/WDj0:3RUhoK/9ecwjd6d/sI

    Score
    4/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      20KB

    • MD5

      345b6faa62a50ba996a4fc52a17031c7

    • SHA1

      7ee131c8c4f836e9c88764197da34a5a9dbe7d97

    • SHA256

      e994184f10c979ec8d3e0ba11d3c95322b0f846fe45d0a56afc2afb35cf92d9a

    • SHA512

      5eadf9edf82b83c2c051c6072b7d31a711bac17513dfb452c25f98cfec00fc54fef0e54c29e60d5de8813284bde440b4f7843c5cb07d2bd9014b0610e98a9347

    • SSDEEP

      384:z7Vxr8IgLgi3sVc4NIYixpYSMElLGoGCJEF8ZpHAYekb:lxr8bL3TYiIKEFiRMq

    Score
    3/10
    • Target

      $PLUGINSDIR/inetc.dll

    • Size

      44KB

    • MD5

      01e912f4dcc1962e4caf95cf06824bd6

    • SHA1

      ca38906b61417a495ab4a99f87fefd1fcea27b68

    • SHA256

      7de65937b8b6dcebe11e373630b32979dd51dd642f5024c398e235fc603683da

    • SHA512

      156b3efc5656164c06e60a7657829216ce17c607a3ac82858c82ba8c886919b3e36d54df101b5387e5eca967672d30aa0bd081ba9ed322f407e7df45cfa6511b

    • SSDEEP

      768:EFhctuggHZ7KQafLPvjZtYiI4AEFiRolX:EFagggHFnajjZt7/AeiK

    Score
    3/10
    • Target

      $PLUGINSDIR/nsArray.dll

    • Size

      21KB

    • MD5

      261025b9c39810caebf7cdf301c62517

    • SHA1

      59a757bdd007daffea95ffb2d2eef80b1e1f13e5

    • SHA256

      44480d48dfe139cb4125ac05df462fda4d6980d6558151c3a862578fbf790370

    • SHA512

      10db13d86f2a75f3857b35f0b9025714ae53f3be21cd7f93fbd22909e294f4fc81b2fde50f5b378251594aa6158d139432b98b5f90c06779fbdae4ce1be2d982

    • SSDEEP

      384:gQ6nDv70AXXcWtXexpnGIhWOIYixpYSANNGoGCJEF8ZpH+0:yDhXKxpnGIhKYiInEFiRL

    Score
    3/10
    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      18KB

    • MD5

      d3e82a3a0a0f6b3376aefbe411909ead

    • SHA1

      7a819fb67e3f2847c667490d65723125850881c0

    • SHA256

      3383fc788e3e7c0bd856c225b1007bb334039cca9d1f6f193a1cb01e3b87629c

    • SHA512

      d933cc2bd25726cd99463e2b6c4fa4f84680f5051463231982fd1871d702a0d3e14a99593810260000861ae446ce3a623847f70953655e017cb03daedda0af7c

    • SSDEEP

      384:9Zg7+lkpxZdpLzKIYixpYSNFGoGCJEF8ZpHRTbgQ:Y+lkp3Dz3YiIoEFiR5gQ

    Score
    3/10
    • Target

      $PLUGINSDIR/nsResize.dll

    • Size

      13KB

    • MD5

      826b388ae77158fb430eef40d09e20a4

    • SHA1

      8e121819c77c950cb13767a0eeb76cf19e48eccb

    • SHA256

      0a2387d1acb456406dd83fba1f69cb48532f96a7aedf2e9e128229c66dbaa075

    • SHA512

      5c44c30861b8f2045d0ad3bef298f84a9404ce6b3fbaef8139cf603bff9cdc878b0f87d6184d52bcef7ce7d162148fd77d213c1f8fabefa49d5eed0d88222027

    • SSDEEP

      384:+r05zOHAA1xAIYixpYSZ4GoGCJEF8ZpHcYfI:TOHAA1xJYiIzEFiRc

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      out.upx

    • Size

      6KB

    • MD5

      8bde0133187a577ebff3f9104ccd8968

    • SHA1

      3d0750046df0065fbe216dc17e27ae8f1abed29b

    • SHA256

      90dd60058768960ee8c1f9d2432430fc2d397f52337df6013e994eacb992f349

    • SHA512

      751b24678a9d23d4134a23316897d1af9c049495e827cb246b0a5b716cd5deb63dd78205747acaf00199859ea5862c37df5fddf206c29f9323e0b486649e46f2

    • SSDEEP

      96:pfIGMO9UQ8YfHHHJZH33JzroZLiJ0T0jDfhPJ7G17J:BIGMOd8YPHXXFoL8i1N

    Score
    1/10
