Overview
overview
7Static
static
3DAMsetup.exe
windows7-x64
7DAMsetup.exe
windows10-2004-x64
7$PLUGINSDI...er.dll
windows7-x64
3$PLUGINSDI...er.dll
windows10-2004-x64
3$PLUGINSDI...er.dll
windows7-x64
3$PLUGINSDI...er.dll
windows10-2004-x64
3$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3$PLUGINSDI...ls.dll
windows7-x64
3$PLUGINSDI...ls.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDIR/UAC.dll
windows7-x64
3$PLUGINSDIR/UAC.dll
windows10-2004-x64
3$PLUGINSDI...dl.dll
windows7-x64
3$PLUGINSDI...dl.dll
windows10-2004-x64
3$PLUGINSDI...ry.dll
windows7-x64
3$PLUGINSDI...ry.dll
windows10-2004-x64
3$TEMP/setupc.exe
windows7-x64
1$TEMP/setupc.exe
windows10-2004-x64
1DamBho.dll
windows7-x64
1DamBho.dll
windows10-2004-x64
1DamFirefox...Mz.dll
windows7-x64
1DamFirefox...Mz.dll
windows10-2004-x64
1DamFirefox...Mz.dll
windows7-x64
1DamFirefox...Mz.dll
windows10-2004-x64
1DamFirefox...25.dll
windows7-x64
1DamFirefox...25.dll
windows10-2004-x64
1DamFirefox...26.dll
windows7-x64
1DamFirefox...26.dll
windows10-2004-x64
1DamFirefox...27.dll
windows7-x64
1DamFirefox...27.dll
windows10-2004-x64
1Analysis
-
max time kernel
90s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system -
submitted
21-03-2024 15:02
Static task
static1
Behavioral task
behavioral1
Sample
DAMsetup.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
DAMsetup.exe
Resource
win10v2004-20231215-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/Dialer.dll
Resource
win7-20240319-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/Dialer.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/DotNetChecker.dll
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/DotNetChecker.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/StdUtils.dll
Resource
win7-20240220-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/StdUtils.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/System.dll
Resource
win7-20231129-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/UAC.dll
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/UAC.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/nsisdl.dll
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/nsisdl.dll
Resource
win10v2004-20240319-en
Behavioral task
behavioral17
Sample
$PLUGINSDIR/registry.dll
Resource
win7-20240221-en
Behavioral task
behavioral18
Sample
$PLUGINSDIR/registry.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral19
Sample
$TEMP/setupc.exe
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
$TEMP/setupc.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral21
Sample
DamBho.dll
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
DamBho.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral23
Sample
DamFirefox/components/DamMz.dll
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
DamFirefox/components/DamMz.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral25
Sample
DamFirefox/components2/DamMz.dll
Resource
win7-20240220-en
Behavioral task
behavioral26
Sample
DamFirefox/components2/DamMz.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral27
Sample
DamFirefox/components2/DamMz25.dll
Resource
win7-20240221-en
Behavioral task
behavioral28
Sample
DamFirefox/components2/DamMz25.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral29
Sample
DamFirefox/components2/DamMz26.dll
Resource
win7-20240221-en
Behavioral task
behavioral30
Sample
DamFirefox/components2/DamMz26.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral31
Sample
DamFirefox/components2/DamMz27.dll
Resource
win7-20240220-en
Behavioral task
behavioral32
Sample
DamFirefox/components2/DamMz27.dll
Resource
win10v2004-20240226-en
General
-
Target
DAMsetup.exe
-
Size
2.8MB
-
MD5
c4f6847c160205eaaba5af06dc3d5873
-
SHA1
74c1c9a22e85305cb21ff22e68800f96daaa8464
-
SHA256
5443b1c3aa80091b7e0d86681892e0871a7f1954dfa5cfd33318bc597116dd52
-
SHA512
997687ab9f5b1507690ffb6d474d7f3cb81d4204e5e7face86c5d1fb54030d8c7c53ad16e533650b5a88abbdf6ab84e58dd8b7d3adb6d049aa244d08d1a950bc
-
SSDEEP
49152:YKVrCbIS6kXtqMsSOqzw9iDxivzrp/SLyB+Lgyl8WLpqIDXssjromawYuwD:YKVry6ItqqkUVivXpGLLVpq3sPomy
Malware Config
Signatures
-
Loads dropped DLL 5 IoCs
pid Process 1624 DAMsetup.exe 1624 DAMsetup.exe 1624 DAMsetup.exe 1624 DAMsetup.exe 1624 DAMsetup.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
Processes
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
14KB
MD58d5a5529462a9ba1ac068ee0502578c7
SHA1875e651e302ce0bfc8893f341cf19171fee25ea5
SHA256e625dcd0188594b1289891b64debddeb5159aca182b83a12675427b320bf7790
SHA512101da2c33f47bd85b8934318e0f0b72f820afc928a2a21e2c7823875e3a0e830f7c67f42b4c2f30596eaa073617790c89700c0d95b7949ec617e52800b61d462
-
Filesize
11KB
MD5b0c77267f13b2f87c084fd86ef51ccfc
SHA1f7543f9e9b4f04386dfbf33c38cbed1bf205afb3
SHA256a0cac4cf4852895619bc7743ebeb89f9e4927ccdb9e66b1bcd92a4136d0f9c77
SHA512f2b57a2eea00f52a3c7080f4b5f2bb85a7a9b9f16d12da8f8ff673824556c62a0f742b72be0fd82a2612a4b6dbd7e0fdc27065212da703c2f7e28d199696f66e
-
Filesize
16KB
MD5acfb66ee6fc1f4266229ec6098fe1740
SHA1e1aeb31b11996015d7f17308e2f2bbe69d4e1476
SHA2566d7e8070fa09cc4bb66fb99c2b88d0f5419602fa64a519437f430d9378300b1e
SHA512bf0b5b22c57c08c88b4cbdd75bdf0c8eac433d42b4d163349391b71bc44d913e4d0e28e0826a7c27b418e6d2aa37c08c90577b56baa946a8f129486fbe01c303
-
Filesize
762B
MD5cb19f50a458d9f2d4d30bfdbb286100d
SHA1a23609a1dd3a1b94745391eeb8173630557e8885
SHA256c764c814b232e5970a16bd9c1572c57ae0ef8ed7abc2d4d1431ca65db46f3ed6
SHA512aa3593034560e8411b22acda4c63b56e89978bf1223ed9fea1d21ae541c9847bac303e75885c99d6381a41d3648e01c77b1ef7272d4cf39d2c1a83d24c7ddd7e
-
Filesize
16KB
MD524a7a119e289f1b5b69f3d6cf258db7c
SHA1fec84298f9819adf155fcf4e9e57dd402636c177
SHA256ae53f8e00574a87dd243fdf344141417cfe2af318c6c5e363a030d727a6c75d1
SHA512fdbbedcc877bf020a5965f6ba8586ade48cfbe03ac0af8190a8acf077fb294ffd6b5a7ae49870bff8cacd9e33d591be63b5b3d5c2e432c640212bdcd0c602861