General

  • Target

    sunshine-windows-installer.exe

  • Size

    10.9MB

  • MD5

    729d5f57e542c33e4c7ab0fcb8a3b710

  • SHA1

    933fa1646f5a55cc04beb6242d4595129f776826

  • SHA256

    f5abfe4213600d06250088a763b9148b290272a08d93610aa7aafaab6ac8b456

  • SHA512

    3f838efe4c39255f002faaed844cf95df0df630f71c3c57b6e9cd56f26b74f219ec2886ec356545a2697d52ae02594d77cf8cf7eb98dbe0858afdd7cdab17917

  • SSDEEP

    196608:UfCZeKv+HOqldvDeZlYHXA9tpVP+fNBckDrCWatySpKRhuBDeKFyL5k7ARMYMLe7:4CtvFWhDQ+Hw9tpVm1jD4boEnY5pMzZq

Score
3/10

Malware Config

Signatures

  • Unsigned PE (15 IoCs)

    Checks for missing Authenticode signature.

Files

  • sunshine-windows-installer.exe
    .exe windows:4 windows x64 arch:x64

    c0f430a142bcdc701f4a3bdc3d2c6a84


  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x64 arch:x64

    05819310b75421aa191b541c88aafa6f


  • $PLUGINSDIR/NSIS.InstallOptions.ini
  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x64 arch:x64

    511c5f608df90f14ce6f4dd457c4ff2a


  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x64 arch:x64

    cf8eee620b3371ff06e99c34f39ea84c


  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x64 arch:x64

    6999456a03b632cf650f212358b1c70e


  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x64 arch:x64

    74ba91b9fcb5a967b84ea9b49217f8d2


  • Uninstall.exe
    .exe windows:4 windows x64 arch:x64

    c0f430a142bcdc701f4a3bdc3d2c6a84


  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x64 arch:x64

    6999456a03b632cf650f212358b1c70e


  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x64 arch:x64

    74ba91b9fcb5a967b84ea9b49217f8d2


  • assets/apps.json
  • assets/box.png
    .png
  • assets/desktop-alt.png
    .png
  • assets/desktop.png
    .png
  • assets/shaders/directx/convert_yuv420_packed_uv_type0_ps.hlsl
  • assets/shaders/directx/convert_yuv420_packed_uv_type0_ps_linear.hlsl
  • assets/shaders/directx/convert_yuv420_packed_uv_type0_ps_perceptual_quantizer.hlsl
  • assets/shaders/directx/convert_yuv420_packed_uv_type0_vs.hlsl
  • assets/shaders/directx/convert_yuv420_planar_y_ps.hlsl
  • assets/shaders/directx/convert_yuv420_planar_y_ps_linear.hlsl
  • assets/shaders/directx/convert_yuv420_planar_y_ps_perceptual_quantizer.hlsl
  • assets/shaders/directx/convert_yuv420_planar_y_vs.hlsl
  • assets/shaders/directx/cursor_ps.hlsl
  • assets/shaders/directx/cursor_ps_normalize_white.hlsl
  • assets/shaders/directx/cursor_vs.hlsl
  • assets/shaders/directx/include/base_vs.hlsl
  • assets/shaders/directx/include/base_vs_types.hlsl
  • assets/shaders/directx/include/common.hlsl
  • assets/shaders/directx/include/convert_base.hlsl
  • assets/shaders/directx/include/convert_linear_base.hlsl
  • assets/shaders/directx/include/convert_perceptual_quantizer_base.hlsl
  • assets/shaders/directx/include/convert_yuv420_packed_uv_ps_base.hlsl
  • assets/shaders/directx/include/convert_yuv420_planar_y_ps_base.hlsl
  • assets/steam.png
    .png
  • assets/web/apps.html
    .html
  • assets/web/assets/Navbar-48ec9d0d.css
  • assets/web/assets/Navbar-4fa05ff0.js
    .js
  • assets/web/assets/ResourceCard-85906521.js
  • assets/web/assets/_plugin-vue_export-helper-56074fbc.css
  • assets/web/assets/_plugin-vue_export-helper-63b51ba4.js
    .js
  • assets/web/assets/apps-f0a1239f.js
    .js
  • assets/web/assets/config-56661807.js
    .js
  • assets/web/assets/fa-brands-400-3a8924cd.woff2
  • assets/web/assets/fa-brands-400-5656d596.ttf
  • assets/web/assets/fa-regular-400-2bccecf0.woff2
  • assets/web/assets/fa-regular-400-5d02dc9b.ttf
  • assets/web/assets/fa-solid-900-9fc85f3a.woff2
  • assets/web/assets/fa-solid-900-fbbf06d7.ttf
  • assets/web/assets/fa-v4compatibility-09663a36.ttf
  • assets/web/assets/fa-v4compatibility-4d4a2d7f.woff2
  • assets/web/assets/index-4db940ef.js
    .js
  • assets/web/assets/password-537fcfab.js
    .js
  • assets/web/assets/pin-92c23863.js
    .js
  • assets/web/assets/troubleshooting-894850dd.js
    .js
  • assets/web/assets/welcome-e3607f01.js
    .js
  • assets/web/config.html
    .html
  • assets/web/images/logo-sunshine-16.png
    .png
  • assets/web/images/logo-sunshine-45.png
    .png
  • assets/web/images/sunshine-locked-16.png
    .png
  • assets/web/images/sunshine-locked-45.png
    .png
  • assets/web/images/sunshine-locked.ico
  • assets/web/images/sunshine-locked.png
    .png
  • assets/web/images/sunshine-locked.svg
    .xml
  • assets/web/images/sunshine-pausing-16.png
    .png
  • assets/web/images/sunshine-pausing-45.png
    .png
  • assets/web/images/sunshine-pausing.ico
  • assets/web/images/sunshine-pausing.png
    .png
  • assets/web/images/sunshine-pausing.svg
    .xml
  • assets/web/images/sunshine-playing-16.png
    .png
  • assets/web/images/sunshine-playing-45.png
    .png
  • assets/web/images/sunshine-playing.ico
  • assets/web/images/sunshine-playing.png
    .png
  • assets/web/images/sunshine-playing.svg
    .xml
  • assets/web/images/sunshine.ico
  • assets/web/index.html
    .html
  • assets/web/password.html
    .html
  • assets/web/pin.html
    .html
  • assets/web/troubleshooting.html
    .html
  • assets/web/welcome.html
    .html
  • scripts/add-firewall-rule.bat
    .bat .vbs
  • scripts/autostart-service.bat
  • scripts/delete-firewall-rule.bat
  • scripts/install-gamepad.bat
    .bat .vbs
  • scripts/install-service.bat
    .bat .vbs
  • scripts/migrate-config.bat
  • scripts/uninstall-gamepad.bat
  • scripts/uninstall-service.bat
  • sunshine.exe
    .exe windows:4 windows x64 arch:x64

    b3c78471bad4596a9623fe35638c2e4b


  • tools/audio-info.exe
    .exe windows:4 windows x64 arch:x64

    4f8a8e9746db35a6488e45db8b31f3a8


  • tools/ddprobe.exe
    .exe windows:4 windows x64 arch:x64

    49969aa25812e0c2a1053b712ce54d8f


  • tools/dxgi-info.exe
    .exe windows:4 windows x64 arch:x64

    d5c97d25ea5487a2d2a9ae561960b5d9


  • tools/sunshinesvc.exe
    .exe windows:4 windows x64 arch:x64

    8809b3bacecc0a937307b5f7d96a54c7


  • zlib1.dll
    .dll windows:4 windows x64 arch:x64

    0362b276bf74944aaf0d04f3240210cd

