General
-
Target
McDonnell Douglas MD-80.zip
-
Size
264.4MB
-
Sample
240505-v6694sbd79
Behavioral task
behavioral1
Sample
McDonnell Douglas MD-80/X-Plane MD-82 Pilot Operating Manual.pdf
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
McDonnell Douglas MD-80/X-Plane MD-82 Pilot Operating Manual.pdf
Resource
win10v2004-20240419-en
Behavioral task
behavioral3
Sample
McDonnell Douglas MD-80/liveries/Alaska Airlines/objects/tail_LIT.dds
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
McDonnell Douglas MD-80/liveries/Alaska Airlines/objects/tail_LIT.dds
Resource
win10v2004-20240419-en
Behavioral task
behavioral5
Sample
McDonnell Douglas MD-80/liveries/Alaska Airlines/objects/wings.dds
Resource
win7-20231129-en
Behavioral task
behavioral6
Sample
McDonnell Douglas MD-80/liveries/Alaska Airlines/objects/wings.dds
Resource
win10v2004-20240419-en
Behavioral task
behavioral7
Sample
McDonnell Douglas MD-80/liveries/Northwest/objects/md80_alas.png
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
McDonnell Douglas MD-80/liveries/Northwest/objects/md80_alas.png
Resource
win10v2004-20240419-en
Behavioral task
behavioral9
Sample
McDonnell Douglas MD-80/liveries/Northwest/objects/md80_cola_der.png
Resource
win7-20240220-en
Behavioral task
behavioral10
Sample
McDonnell Douglas MD-80/liveries/Northwest/objects/md80_cola_der.png
Resource
win10v2004-20240419-en
Behavioral task
behavioral11
Sample
McDonnell Douglas MD-80/liveries/Northwest/objects/md80_cola_izq.png
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
McDonnell Douglas MD-80/liveries/Northwest/objects/md80_cola_izq.png
Resource
win10v2004-20240419-en
Behavioral task
behavioral13
Sample
McDonnell Douglas MD-80/objects/cockpit_instr_NRM.png
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
McDonnell Douglas MD-80/objects/cockpit_instr_NRM.png
Resource
win10v2004-20240419-en
Behavioral task
behavioral15
Sample
McDonnell Douglas MD-80/objects/cockpit_overhead_NRM.png
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
McDonnell Douglas MD-80/objects/cockpit_overhead_NRM.png
Resource
win10v2004-20240226-en
Behavioral task
behavioral17
Sample
McDonnell Douglas MD-80/objects/cockpit_panel_NRM.png
Resource
win7-20231129-en
Behavioral task
behavioral18
Sample
McDonnell Douglas MD-80/objects/cockpit_panel_NRM.png
Resource
win10v2004-20240419-en
Behavioral task
behavioral19
Sample
McDonnell Douglas MD-80/objects/prefill.obj
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
McDonnell Douglas MD-80/objects/prefill.obj
Resource
win10v2004-20240419-en
Behavioral task
behavioral21
Sample
McDonnell Douglas MD-80/objects/seats.obj
Resource
win7-20240215-en
Behavioral task
behavioral22
Sample
McDonnell Douglas MD-80/objects/seats.obj
Resource
win10v2004-20240419-en
Behavioral task
behavioral23
Sample
McDonnell Douglas MD-80/plugins/xlua/64/lin.xpl
Resource
ubuntu2004-amd64-20240221-en
Behavioral task
behavioral24
Sample
McDonnell Douglas MD-80/plugins/xlua/64/win.dll
Resource
win7-20240221-en
Behavioral task
behavioral25
Sample
McDonnell Douglas MD-80/plugins/xlua/64/win.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral26
Sample
McDonnell Douglas MD-80/plugins/xlua/init.js
Resource
win7-20240221-en
Behavioral task
behavioral27
Sample
McDonnell Douglas MD-80/plugins/xlua/init.js
Resource
win10v2004-20240419-en
Behavioral task
behavioral28
Sample
McDonnell Douglas MD-80/plugins/xlua/scripts/md80_safeguards/md80_safeguards.js
Resource
win7-20240221-en
Behavioral task
behavioral29
Sample
McDonnell Douglas MD-80/plugins/xlua/scripts/md80_safeguards/md80_safeguards.js
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
McDonnell Douglas MD-80/X-Plane MD-82 Pilot Operating Manual.pdf
-
Size
10.7MB
Score 1/10
-
-
Target
McDonnell Douglas MD-80/liveries/Alaska Airlines/objects/tail_LIT.dds
-
Size
1.3MB
Score 3/10
-
-
Target
McDonnell Douglas MD-80/liveries/Alaska Airlines/objects/wings.dds
-
Size
1.3MB
Score 3/10
-
-
Target
McDonnell Douglas MD-80/liveries/Northwest/objects/md80_alas.png
-
Size
25.3MB
Score 3/10
-
-
Target
McDonnell Douglas MD-80/liveries/Northwest/objects/md80_cola_der.png
-
Size
17.3MB
Score 3/10
-
-
Target
McDonnell Douglas MD-80/liveries/Northwest/objects/md80_cola_izq.png
-
Size
19.1MB
Score 3/10
-
-
Target
McDonnell Douglas MD-80/objects/cockpit_instr_NRM.png
-
Size
436KB
Score 3/10
-
-
Target
McDonnell Douglas MD-80/objects/cockpit_overhead_NRM.png
-
Size
1.0MB
Score 3/10
-
-
Target
McDonnell Douglas MD-80/objects/cockpit_panel_NRM.png
-
Size
1.4MB
Score 3/10
-
-
Target
McDonnell Douglas MD-80/objects/prefill.obj
-
Size
320KB
Score 3/10
-
-
Target
McDonnell Douglas MD-80/objects/seats.obj
-
Size
9.5MB
Score 3/10
-
-
Target
McDonnell Douglas MD-80/plugins/xlua/64/lin.xpl
-
Size
610KB
Score 1/10
-
-
Target
McDonnell Douglas MD-80/plugins/xlua/64/win.xpl
-
Size
1.0MB
Score 1/10
-
-
Target
McDonnell Douglas MD-80/plugins/xlua/init.lua
-
Size
11KB
Score 3/10
-
-
Target
McDonnell Douglas MD-80/plugins/xlua/scripts/md80_safeguards/md80_safeguards.lua
-
Size
3KB
Score 3/10