f445ea286969be497afb61fb836cb054a5d1a4c909e2071c75bd7f0d48cde2e5 | Triage

Sharing

General

Target

dolphin-anty-win-latest (1).exe
Size

216.4MB
Sample

240428-w6ck6sec5t
MD5

771096e2caa2b65c16fe57b7c08fcace
SHA1

2273124e0fffe9c6baea23a5a1f74107f674def3
SHA256

f445ea286969be497afb61fb836cb054a5d1a4c909e2071c75bd7f0d48cde2e5
SHA512

0051771697d8241f39804c112d71670cb0b05806ab1abb94c1dd4928e0847d1470164bc366c2f4a311d46c0c21608bb6067469ecd12266e7c17bb2b44d3b18cc
SSDEEP

6291456:l1Z9v+3gRWmy0Jwv3Q1Z9v+3gSRjnOg8sabd+Yz:nxWmlw2yRzxccK

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  dolphin-anty-win-latest (1).exe
- Size
  
  216.4MB
- MD5
  
  771096e2caa2b65c16fe57b7c08fcace
- SHA1
  
  2273124e0fffe9c6baea23a5a1f74107f674def3
- SHA256
  
  f445ea286969be497afb61fb836cb054a5d1a4c909e2071c75bd7f0d48cde2e5
- SHA512
  
  0051771697d8241f39804c112d71670cb0b05806ab1abb94c1dd4928e0847d1470164bc366c2f4a311d46c0c21608bb6067469ecd12266e7c17bb2b44d3b18cc
- SSDEEP
  
  6291456:l1Z9v+3gRWmy0Jwv3Q1Z9v+3gSRjnOg8sabd+Yz:nxWmlw2yRzxccK
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1
- Target
  
  Dolphin Anty.exe
- Size
  
  168.6MB
- MD5
  
  2f711422d2e8700a0f2b423681566524
- SHA1
  
  2b7eb92ea1ca882caafca5e332ea3aff1c805d1e
- SHA256
  
  569b7bebd18f96d7774614d535d30e5f4b47615581bc94b49b9ea0c02c8cf41b
- SHA512
  
  bbcf087b92ecfe0686db1dc67aaf8ad0a0e17ab42cd79e7704e535f5dcbe6e8376dbf2fa503d468b8ba1533306ead383e61ab3315a25d0803289428acdf34075
- SSDEEP
  
  1572864:eI/Lersitaya/Z2fU8sFcIM4L0l22Hb472TGB2+2T1PD7d00j+ohdOq6g5AgO8x5:dMY/KnD45KKb8xG
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral2
- Target
  
  $R0/Uninstall Dolphin Anty.exe
- Size
  
  221KB
- MD5
  
  a33b60a20bc0290e7408142aad2fffc0
- SHA1
  
  af8f75318280a41cd302fae286c7417b4f2f3220
- SHA256
  
  5aa9e15ddef12a6e810fc579db859d15c226ec1b81edd4128b3dd1a600c8c5e6
- SHA512
  
  c542458e64f9860894c244845fe42bb4bc060699f8aaf2d7516c6e88e3ecd042133b05fbe893e8368213da9e039de66cba3c05042d3e19738bfdcaa42d3dd91f
- SSDEEP
  
  6144:w740IkfEUs9T2GfDBf+ou2g//k/ifI2Uaq2t0EyL+2iaI:qpKXl6f3oRK2ZI
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3