General

  • Target: dolphin-x64-5.0.exe
  • Size: 18.4MB
  • Sample: 240411-wzgxbace8x
  • MD5: eca48982effad82616f206f52336fe4b
  • SHA1: 4d88af3572de650b0b7dccd92dc8de5854edfae6
  • SHA256: e1b3ae8fc890c6588e5656f77ef2747ae7ddfc90b6530b240c0c5b9d0ab3ce8c
  • SHA512: 778755b2d12c703a2954882a4d333b7cb61ee7ed0482b5cb14c1cbc4b90c8b65f308944a2f9369a89fc54d163c613efc65adf70316c08d447183f65637fcb557
  • SSDEEP: 393216:Y1qyjt4rPX8zs3XxdbHNemtqa7JhnurHTl0WcS4ENyQ4p9Jmm+:Y1qyZePX8khdbtecqa7JhnurHirhENys

Score: 7/10

Targets

    • Target: dolphin-x64-5.0.exe
    • Size: 18.4MB
    • Hashes: MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General above
    • Score: 7/10
    • Executes dropped EXE
    • Loads dropped DLL
    • Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
    • Drops desktop.ini file(s)
    • Drops file in System32 directory

    • Target: $PLUGINSDIR/InstallOptions.dll
    • Size: 14KB
    • MD5: d753362649aecd60ff434adf171a4e7f
    • SHA1: 3b752ad064e06e21822c8958ae22e9a6bb8cf3d0
    • SHA256: 8f24c6cf0b06d18f3c07e7bfca4e92afce71834663746cfaa9ddf52a25d5c586
    • SHA512: 41bf41add275867553fa3bd8835cd7e2a2a362a2d5670ccbfad23700448bad9fe0f577fb6ee9d4eb81dfc10d463b325b8a873fe5912eb580936d4ad96587aa6d
    • SSDEEP: 192:3Gs+dH4+oQOTgDbzuNfrigyULWsXXZF/01JJijnK72dwF7dBEnbok:3GvdH4qMebzPY2Vijn+BEnbo
    • Score: 3/10

    • Target: $PLUGINSDIR/LangDLL.dll
    • Size: 5KB
    • MD5: e447e49175c0db1f27888aede301084f
    • SHA1: f5946c743265cd8e81f3e7b6376dada57f99877f
    • SHA256: fd26ef21d72797fedecd3d15f2001cea793383aceb3cee19a5ae2a3d30e197b6
    • SHA512: e6543bf81bedce94a58f48cd6f9daaec891775e01ff76b771c22d459a778490f9bba0bebbf111b1ca3091b3ca69bca806a9b5e68ce12df03abbaa6ce5c4b7cec
    • SSDEEP: 48:iV6qAvq8WeMPUptuM4Z+0x/ImnycNSCwVYOY4vnpXTHhHX/JvR0Jaof5d2:2ZplJ5ZbnycNSCwVYTwFB3ZR0td2
    • Score: 3/10

    • Target: $PLUGINSDIR/System.dll
    • Size: 10KB
    • MD5: 56a321bd011112ec5d8a32b2f6fd3231
    • SHA1: df20e3a35a1636de64df5290ae5e4e7572447f78
    • SHA256: bb6df93369b498eaa638b0bcdc4bb89f45e9b02ca12d28bcedf4629ea7f5e0f1
    • SHA512: 5354890cbc53ce51081a78c64ba9c4c8c4dc9e01141798c1e916e19c5776dac7c82989fad0f08c73e81aaba332dad81205f90d0663119af45550b97b338b9cc3
    • SSDEEP: 192:uv+cJZE61KRWJQO6tFiUdK7ckK4k7l1XRBm0w+NiHi1GSJ:uf6rtFRduQ1W+fG8
    • Score: 3/10

    • Target: infinst.exe
    • Size: 68KB
    • MD5: 45d4dac07aa361bcd77aa815d1724a16
    • SHA1: 3bbdf7da5d51211ae269572961b5ebf508ada28d
    • SHA256: 34ab99536ea59ad60ba6efda3ea6d18291ef096a0bab3664248d6045805da0ec
    • SHA512: d940002a8e0112a3b56a909008403b447e9cbb80e38b9bbd508f40aa68224f7e5d9681e1039e747ae939e0829a25be2319b9f9d0862cebb042e4c525ccbc20be
    • SSDEEP: 1536:dSKL6bzRYK/ixmu3XyhJRxjWhKfLXJ/y/Fae:dSKL62K/u3XmxCAfLXJ/y/E
    • Score: 4/10

    • Target: xinput1_3.dll
    • Size: 104KB
    • MD5: bfb3091b167550ec6e6454813d3db244
    • SHA1: 87e86a7c783f607697a4880e7e063ab87bf63034
    • SHA256: 756cad002e1553cfa1a91ebe8c1b9380ffabe0b4b1916c4a4db802396ddfbef8
    • SHA512: ce2ead2480a3942081af4df4baee32de18862b5f0288169b9e8135cc710eb128f9a2b8a36bda87212c53fd4317359349c94d38b5da082638230dcb5669efede9
    • SSDEEP: 1536:S1ea+pg4i1fprOwSGiExJ70MBzLrPbYMGsJ0OXrLSkfmrxy/Fae:S1nz1UrGiEPg0LH7GNO7LSkfaxy/E
    • Score: 1/10

    • Target: xinput1_3.dll
    • Size: 79KB
    • MD5: 77f595dee5ffacea72b135b1fce1312e
    • SHA1: d2a710b332de3ef7a576e0aed27b0ae66892b7e9
    • SHA256: 8d540d484ea41e374fd0107d55d253f87ded4ce780d515d8fd59bbe8c98970a7
    • SHA512: a8683050d7758c248052c11ac6a46c9a0b3b3773902cca478c1961b6d9d2d57c75a8c925ba5af4499989c0f44b34eaf57abafafa26506c31e5e4769fb3439746
    • SSDEEP: 1536:TVeqvNS6T6jxeEsU6b0xZtDDVb9X8u9JA7zitdrz/R8cy/FaeBD:TVeqvNOeFgxZ9DVVtRBy/EeD
    • Score: 1/10

    • Target: $TEMP/dxredist/DSETUP.dll
    • Size: 93KB
    • MD5: eb701def7d0809e8da765a752ab42be5
    • SHA1: 7897418f0fae737a3ebe4f7954118d71c6c8b426
    • SHA256: 2a61679eeedabf7d0d0ac14e5447486575622d6b7cfa56f136c1576ff96da21f
    • SHA512: 6ff8433c0dadc0e87d18f04289ab6f48624c908acbda506708f5e0f3c9522e9316e587e71f568938067ba9f37f96640b793fdfaa580caedc3bf9873dc221271f
    • SSDEEP: 1536:Bc8tBKv1HCyODN2wjIqlLmqxY3AMVI4I9okOEvc0/c/sZRYltL26VVE2S+JJqsHy:BftQv1iyODswNLmqxY3AMV71Ev54EAxM
    • Score: 4/10

    • Target: $TEMP/dxredist/DXSETUP.exe
    • Size: 505KB
    • MD5: bf3f290275c21bdd3951955c9c3cf32c
    • SHA1: 9fd00f3bb8a870112dae464f555fcd5e7f9200c0
    • SHA256: 8f47d7121ef6532ad9ad9901e44e237f5c30448b752028c58a9d19521414e40d
    • SHA512: d2c354ee8b6977d01f23c6d2bb4977812bf653eae25e7a75a7d0a36b588c89fcdbdc2a8087c24d6ff687afebd086d4b7d0c92203ce39691b21dab71eafd1d249
    • SSDEEP: 3072:Qi6LKKSPluzye9iHWptICTrbusJxDO9insyH6+PJTOramZap5XVeR4zW1mFD1gbH:8UHWDICTmUxDpEa04+GU
    • Score: 4/10

    • Target: $TEMP/dxredist/dsetup32.dll
    • Size: 1.5MB
    • MD5: d8fa7bb4fe10251a239ed75055dd6f73
    • SHA1: 76c4bd2d8f359f7689415efc15e3743d35673ae8
    • SHA256: fb0e534f9b0926e518f1c2980640dfd29f14217cdfa37cf3a0c13349127ed9a8
    • SHA512: 73f633179b1340c1c14d0002b72e44cab1919d0ef174f307e4bfe6de240b0b6ef233e67a8b0a0cd677556865ee7b88c6de152045a580ab9fbf1a50d2db0673b4
    • SSDEEP: 24576:CIQ+ddddddddddddddxOOOOOOOOOOOOOO2iWeXiWeXiWeXiWeXiWeXiWeXiWeXi+:CIQsOOOOOOOOOOOOOO2iWeXiWeXiWeXf
    • Score: 4/10

    • Target: dxupdate.dll
    • Size: 173KB
    • MD5: 7ed554b08e5b69578f9de012822c39c9
    • SHA1: 036d04513e134786b4758def5aff83d19bf50c6e
    • SHA256: fb4f297e295c802b1377c6684734b7249d55743dfb7c14807bef59a1b5db63a2
    • SHA512: 7af5f9c4a3ad5c120bcdd681b958808ada4d885d21aeb4a009a36a674ad3ece9b51837212a982db6142a6b5580e5b68d46971b802456701391ce40785ae6ebd9
    • SSDEEP: 3072:KU6LKKnw8i/9S7BLGKm/nuFV3uNgosUBxr+2y97CqGIpHtWMeJnQRLj+bTHyKaY:Iw8aIMrfuFVeNgosUBxra4rIZsqq
    • Score: 3/10

    • Target: $TEMP/vcredist/vc_redist.x64.exe
    • Size: 14.1MB
    • MD5: 883c499d04c145a69622f7658e353265
    • SHA1: bb64084762abd4a06b2fddd16f0092860bc3043f
    • SHA256: df58f4aa566a10776c864c1007e0ac0987835fa1e9f7445bed8ba21a9101d414
    • SHA512: ce840c9420e928c9da6c30c3cd97eeb047d34ee7046b8cfcd20b512fbddfe885329ab4db3ca53f7094bf1caeb600c834cb2db10797ceade859c21786144206c9
    • SSDEEP: 393216:wP8lp+dkBSuF2SfUfn6+59KPrl+iiWxnP42:Tp+Ty2SfUfn/KPsP2
    • Score: 7/10
    • Loads dropped DLL
    • Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target: Dolphin.exe
    • Size: 14.9MB
    • MD5: 9660ec7cddf093a1807cb25fe0946b8e
    • SHA1: 5986661c62d689380476db238d7c18fa37d1b616
    • SHA256: 19d5c382204d7e40a764e116967aec610f502b9be60b9d3b095073827aa93c66
    • SHA512: 5213c828d4f0742c3cde59ceea7b111a1402779602f09fa5e898083b07f2860bb33119f97741bc049fefc0cd745879d22a12dc37ece8e0dd8b308dcc84079755
    • SSDEEP: 196608:HgfH5UoUTKklTNrDatogipuoBvfU2+YOcfyOGXutM8/:A/5UomlTNMogipuoBvfU2bOevGeP/
    • Score: 6/10
    • Drops desktop.ini file(s)

    • Target: OpenAL32.dll
    • Size: 778KB
    • MD5: 8091d616ce52e75e6631d785289bf168
    • SHA1: 9b66bc99faa688c151e871bb5af27270889bdbf8
    • SHA256: 0603c00bb8c96f6b4c88d20da4bd635ef41708f9963d4d139f53d3b28defd557
    • SHA512: 64d67263c6438df30d57bb328e7f7c1f9251cddaaf8bde19ad77624b8cb6858d736f62e952ce665c12f73a55aa232d922ce9aa7ec660c1dec099b404def5cd01
    • SSDEEP: 12288:Hy5Zq47002aoZxt/V4cLVMopDSzutFWAMKq9t:OKLztzrpDXFMKq9t
    • Score: 1/10

    • Target: Sys/GameSettings/GALE01r2.ini
    • Size: 24KB
    • MD5: aa279f641e8778456ec4f7bd8cf919d8
    • SHA1: 495a2aacd76b2dd593aad32a5c4fb1aa67e455cd
    • SHA256: 8adb5b03da003906a97bd51c193866115fb8a6c005eb332f84f36a4300a15110
    • SHA512: dd42aa2cc33037e2ec310b0f362823feed2e33083812ec61b9a75e15a78a357d3de3f0e687b6a043818e962bbdac24a0b4673b65d465dbc484ba220e3f7973d6
    • SSDEEP: 768:R6tuv9KK9r979IanUj9KK9r979wUmUvkC9blBHjI:ItuvLJlyanUjLJli7snxU
    • Score: 1/10

    • Target: Sys/GameSettings/GZ2J01.ini
    • Size: 1KB
    • MD5: fea40880ffbd685cdd0709ece4c30074
    • SHA1: 6f0365dc02fea5ec4323f718d4f46cdc49691a79
    • SHA256: 0c115d7879e8bfbfa3535fa875ab10b1a36ad87c6b26e7f8fccfb6c221f98e07
    • SHA512: 887cbd4546362895d739440786666a57f1c2a1e23e21b2579d9c42c67a727df0afaabde0c052ff587c5cf6cf5923aab0791d5839de89fe40485f62c321a5e21a
    • Score: 1/10
