172eb15e380b0c296ba32a90b59b1a90cc2423b34635af2778dee9be97e43fc9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

WaveSpoofer.zip
Size

21KB
Sample

240430-29mhfaab9s
MD5

dd0f6f06aa38ce0edfeb4cea3e1ec287
SHA1

eab2aa2ad756570bdcc6b6bb7de8172530709d13
SHA256

172eb15e380b0c296ba32a90b59b1a90cc2423b34635af2778dee9be97e43fc9
SHA512

d3d665a72ddcdb0ce6300375b28a3e09da7456cedf7708dacd5b8d2743a4c9cbc5dd4c757fbd4e92b631fd3595c189de36f916c0c634a8056e4b753dbeffdb9e
SSDEEP

384:URYLQjxpCQppEZpiM9z8VFUKjwIT4Y8FxXZV6iyvJXxz0VdWh7E8fh8BT3JW:1LQjPPSZpsF3zgqvJB3hSBjJW

Score

6^/10

Malware Config

Targets

- Target
  
  Wave Spoofer/Drive_Remover.bat
- Size
  
  13KB
- MD5
  
  0c345568b15f4163d3955388cfa615f4
- SHA1
  
  069c7b499e8f68fb90d316d6114440ef762507d6
- SHA256
  
  28dc4e8c24c16af0910f3542ec8ae12376e668e45ba310a7f25c87ab4bfb89e8
- SHA512
  
  d4619bbb7bfeccf0bb3ea7259fec6a8324aadd544017ee0df0390339d112fd0ced6707d91fc5036faf2c4cbcc9326c4ba57befbbdf909c2306c109acdba6c543
- SSDEEP
  
  192:dIo4yR9Y9A/r1/kMUnNLyCYSvGOqHQ28lh9YDpqWkSyt1ninmdKgZ:3xR9hjF/UnECROBClh9YDpDkSy3inlo
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2
- Target
  
  Wave Spoofer/HWID-Checker.cmd
- Size
  
  395B
- MD5
  
  78ed3be694002d971199fc6e49084efb
- SHA1
  
  04f3952fe2e53908c39f02b053b5dd6c6e32a6de
- SHA256
  
  a78efec566a8564fb179e46c095eecb2c6ac05f8f54c0a11402d1a2e22fb95b4
- SHA512
  
  526b0fa16dab271e053e1eff59cfd45348a794cc4c19b516afd4b19f66f67f80ee39e630da341d81e9b3d23693724a77895c039f97f5538171c38fa57bde7ba6
Score

1^/10
behavioral3 behavioral4
- Target
  
  Wave Spoofer/Permament_Mac_Changer.bat
- Size
  
  1KB
- MD5
  
  707c798832f76eb383a0501b2773ec32
- SHA1
  
  3ebd0413af9929109ea0eb0045a2d26a256e771f
- SHA256
  
  940f3e68e62ad73c0668e854d821d88eacc8ea8fb8e130e42a34368ae9f5852e
- SHA512
  
  13e92ef958cfcc5686a2886b4a011f2287ec261028db0c6816d738eb715490d69ca37f8232e7bb3bebd5d49ce65bf4b9f55ae12d4af056bf569e5a1dba2f3da9
Score

1^/10
behavioral5 behavioral6
- Target
  
  Wave Spoofer/WaveSpoofer.exe
- Size
  
  69KB
- MD5
  
  5f53f8b891b3b01c37c9a0ef93fdf628
- SHA1
  
  2f2f4d61b0ba91245b1a900398ae90b50a348e61
- SHA256
  
  128addb6cc4bcfdcf37af0f778383137cfc431bc1c21fe931349735df208e738
- SHA512
  
  f9de207e371c2521a966e27135173e5661664c464c952404abf7244cc8336668d03b35f65d580edd7f52c32d91519ea6bb94b680e40303a5301386a2567a0a2c
- SSDEEP
  
  384:uvbiz1RdZaw2gTwBFeTn0vy5AZkMTNIRzQ03sVwXw8zHYG4660Hu0HuvyQfBmrpM:uw+5KsyqZSbFXwEYGp6l37BmnAS9dm
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8