General

  • Target

    McDonnell Douglas MD-80.zip

  • Size

    264.4MB

  • Sample

    240505-v6694sbd79

  • MD5

    e22837f2ef46154536e8e4f8c34031b0

  • SHA1

    74adc116ce07e730fac6d76eecf26a2532c08929

  • SHA256

    27c322d5b556bb17943477dfc35cbd1130f12eaac7f9657580333620215c7d6e

  • SHA512

    1fd2324d8ab6c1aa0c9dd3ebd7883708a4affaf6e68330469fff7262b4a2c6f4d42351803e0d19d5caa37118d845873f20c5fbb5446de65cf4c4b7248f6d6e87

  • SSDEEP

    6291456:w+vut6CTTwAb1QwA7mRzL6mAxy4wEH0+cVAoUzpeuVe5:w1jwe1Qb7eHQy4wscG3t5Ve5

Targets

    • Target

      McDonnell Douglas MD-80/X-Plane MD-82 Pilot Operating Manual.pdf

    • Size

      10.7MB

    • MD5

      f2c327db933222b3c8e39cc577e86274

    • SHA1

      fbb8e8f6425c12e04e3b331179eebfaac2b6b2b7

    • SHA256

      7d02a3b417be6e8c4157659cdec45a20fedd44cab05ead91bbb819be7a696120

    • SHA512

      8c894eb00513c4c7a1b7ecd9f93b8edfc4b2d0f2053e54124bbf63f5cd66eec6196561d3700277d82437bbf57d1719f3e751bdd5d0dd9c6c5c163f41baab4f7b

    • SSDEEP

      196608:/IXRjmAndmTnF/uttQqJ2tw+WIoWF4MRGQQJbhVI7Ig4CG7hMP9KevW:gXRjmAd/bmxHZq9+vW

    • Score

      1/10

    • Target

      McDonnell Douglas MD-80/liveries/Alaska Airlines/objects/tail_LIT.dds

    • Size

      1.3MB

    • MD5

      d7329b92d2c7d98934820d7b4388da94

    • SHA1

      83017bef5527fffb98be2850249d0925d9307cd5

    • SHA256

      f17e6ab07e1e64f4d3dc8107b2f39a105ae4a2aec1e9cf64d1b6ba87e1276d61

    • SHA512

      ebcc8eae4c10635177a644f017111ffe225d4c426fc7e5c0dfb64c4ff1d8208aa4a8ddfa584465fdb1d42b8b088ed70469975f3fa5a605d0ecc7cf812aa7c2e3

    • SSDEEP

      3072:zobYMnm/CSG5g7s5FJXB0uO3tDoYPTLzXCpGlL+FhmwSbr0paLRW668z26yUJGQR:zKm/v0gsJALRQFhmwSbr0paLRW660x7/

    • Score

      3/10

    • Target

      McDonnell Douglas MD-80/liveries/Alaska Airlines/objects/wings.dds

    • Size

      1.3MB

    • MD5

      7b4a51aa64a33bb838abaf15888a257e

    • SHA1

      1ad761777f5308a4168df1d2699b32a54e76e1ef

    • SHA256

      afddaea4ad0796ef06f1d6f72dd5708793551e933c47272389b41eacd9ce69d6

    • SHA512

      db775051128dfeba568b6d5b46429ef2fca9aba97d3de0a558f612ce5f29d9ade3cb4485b78a71f4faabe128cc4b8805f04469546a49cce9105c26d2fb68a5d6

    • SSDEEP

      12288:63ahA9NuCKemWlzEvzi0jdp7gRS/tXPt8b3Nq0XsyieuXuZ7yy8gDOYjgpNb2zYQ:7XaGbRjdp7jX+xqxyieu+pBDjUfq3t

    • Score

      3/10

    • Target

      McDonnell Douglas MD-80/liveries/Northwest/objects/md80_alas.png

    • Size

      25.3MB

    • MD5

      4dd0181c118ded777de586c3eba1264e

    • SHA1

      c6009dd4ca02355d53e101e8a3f7bd5938048511

    • SHA256

      2952ce52fc1001645fdab2704d4df8ab12f9ffe07abd2dfbf580ad126149cc79

    • SHA512

      8849d471c5725767e729a4974fd29c8a21e97052e21f9276dceb0d4a0844f57d8fe1842bf8e1cf762a0110c9d77b71c5a6bf5fcbf35cb6f46a8e61e2f865c31f

    • SSDEEP

      393216:KNy0IsijT/+SnZP3noPdHAmKTZU71VZTsoHBUMIF7hai2InF7mqp2jCd1wgO7uJS:gy0IssHj9GbZTsEBVUnro01HOiVG

    • Score

      3/10

    • Target

      McDonnell Douglas MD-80/liveries/Northwest/objects/md80_cola_der.png

    • Size

      17.3MB

    • MD5

      2e904b42cdca59a33d3b8b7110a162ca

    • SHA1

      a6d0cab272e06919871c84211fed966d366898d9

    • SHA256

      2795eab536870bef9caba2041b3dc6b613286b4b0812aaade48b5c9449544fd0

    • SHA512

      1da664ccabb381e6e4524d635d979350d6d0e084eae132ce5b3378458137fb4d1b722997e03cfda115a9b302459a641554a22418f4ea41d930c906e2503e926b

    • SSDEEP

      393216:TgBjBa4o0XynvpB85D7bI0yYG6Wrh3JWLPxzHgXcF9dQ+qvFNI:TgBM4oHnz85D7bkgih3JgCXOfd

    • Score

      3/10

    • Target

      McDonnell Douglas MD-80/liveries/Northwest/objects/md80_cola_izq.png

    • Size

      19.1MB

    • MD5

      37f2acfc086384236f88050aebe5c291

    • SHA1

      0580f951f4b9afe5e3dcc90db3b2b4572c22fb2c

    • SHA256

      b499fecee872e8640919a89c3c4d62737b2d5a651366b1082d0ae0f0a67bd233

    • SHA512

      cb49183b2de9a83890e9a3671dd77a0c786c59e9a6787a844b94918cb68e7973cd66a247a4e25595cb9b9d2d095a82338b3dfb9ad345b0b597d7abbe17978e8b

    • SSDEEP

      393216:N4RepIHXw+aLEstZtzj6+prDV1FeaQuXoRNgX2UmEU0YV:xpeaL9V7pr7jnYXgH5YV

    • Score

      3/10

    • Target

      McDonnell Douglas MD-80/objects/cockpit_instr_NRM.png

    • Size

      436KB

    • MD5

      dfbcc0f7fa32a5c6dc6ef250b1f840da

    • SHA1

      8c70560ce7865d1374801452a4e1ee4673e4b2e9

    • SHA256

      b23dcd7dd780ede38829db6a63adfd540ba960aa788bbcd0340e9f36a9f8188b

    • SHA512

      1bb51a3dcf10fefbb2f2b6a3b07c1540e7daeefddaed882ad1716bf49e12c73d3f6e3dd1c7c2f2b4ef29ea1a315e2944344953980de9b7ce1a265da14d859b27

    • SSDEEP

      12288:RlvjoNkPGjXeY7lExarwTLjOw7VIQjmoiGPFSQrXa:LsNygOYqxu0OkSojFRrXa

    • Score

      3/10

    • Target

      McDonnell Douglas MD-80/objects/cockpit_overhead_NRM.png

    • Size

      1.0MB

    • MD5

      63bcb2e36ff17c5fb8acdcdaa026c81c

    • SHA1

      1efd9d187b3dc96fe0e9547bf2188a93ae89d46e

    • SHA256

      550e857453f69ebdb9de529d5ace65cd79460b562e95112faf09bc9745854bd6

    • SHA512

      935f8869148669ff47a418dbd9048a3ddf9305d3d4854821550dd39d3662a0ecddbfd3a5c4521603e4b063266a25740710c7c77167e973e6a03923be61ee5fc2

    • SSDEEP

      24576:P7HsbxXGfAFo+JJMgrZprkNGU1Uw/N8a/j6fAngGKIEQ:DHwTogj7yUBaQE

    • Score

      3/10

    • Target

      McDonnell Douglas MD-80/objects/cockpit_panel_NRM.png

    • Size

      1.4MB

    • MD5

      78906374f8bc8e6ae841ebe0ff58c363

    • SHA1

      00d36dc9ae44efbdcb5a7d41669eda899dc7a0ee

    • SHA256

      5980c10959eadc47efe7b9f0e7784e350afaea2572e091ba8dc1704d82c7353d

    • SHA512

      ee2daf0e239498609a02fb78395d2e31b0beacace38e289e6f6c1bcca7a1c43f45403d384c69329c6eeda5fbc944ea71411daa3c3d9c5625641c4a4551d91107

    • SSDEEP

      24576:6LOhIRS8wt4n3VA/MI6dhKpsXbcyZgzZVS4068eQWRqGI7l1uj3Zsw2IxCO1:JhqS8wt43VAgospZwV0JWRq5p0bZXZx7

    • Score

      3/10

    • Target

      McDonnell Douglas MD-80/objects/prefill.obj

    • Size

      320KB

    • MD5

      c7123d7deac715227f0cf4cabc8682ef

    • SHA1

      cdb9c93c87961817393400401ec705750bc52b32

    • SHA256

      267d71c9e0edb1e8b9e6b40e887de80f5ca2007995e650f531b45b1f3211fb63

    • SHA512

      40941bb9f95e9e0c06668fafa39013b413aa28b3facf91c4002371de58cee3826f7f72e5e4397c944d1e64a5fb4e9c2718bffaaa5cbc5879ceaa99b554ea0c91

    • SSDEEP

      1536:Pz6X/3RnDR3riWc5iAU8Q0uq+HDu8xeXPQ9dJpfDC4kQigyaB1PGoveFYO5O2m4k:S3eb/XofSr3YO5zm3LQWXGg

    • Score

      3/10

    • Target

      McDonnell Douglas MD-80/objects/seats.obj

    • Size

      9.5MB

    • MD5

      ea7270857ca9b32e9b15c68534a960c2

    • SHA1

      372a4432c747cb2f053a21e8711c35b0fee4381a

    • SHA256

      cb0469565e96866af46b52703f10b03fe675f940b4996f9119aab9a867161849

    • SHA512

      752aef1dd4e7a07bf89ef1bff618f3e7efa03713af517ef856c7bc45240f5b058f289222da3cd077d31009fc014275b760dc6e6430a1a7e5065c5e3c82cb2795

    • SSDEEP

      3072:gewkCoGGs4DO5GGW+T/8h+O/veC7uQVrRhFShuCI5YPYY4WYZZ5OGVGoWzsTPcGV:adbgQStJh2GL

    • Score

      3/10

    • Target

      McDonnell Douglas MD-80/plugins/xlua/64/lin.xpl

    • Size

      610KB

    • MD5

      c8dc6a5fc5462e1d3351016a8de3c7ea

    • SHA1

      d6907ab208d4049331710e8215e0f7cd369dc32c

    • SHA256

      7035372216c98675fe528b558ed8cea6aa03e6089f3b1b66e452f6fc5cddad47

    • SHA512

      5adce8636d145b32fe3c99ec3d57afc9ea3613aec9e3e27dd03c538883ba378569829c1766aaf9677e7e7c6c98cbdc143143f7799b02d7957bd1bc9a1c492fed

    • SSDEEP

      12288:6ue8KpufZw6Ibq8qVIxNjkfM8W1muFc10V:6YKqIQy58PW1/V

    • Score

      1/10

    • Target

      McDonnell Douglas MD-80/plugins/xlua/64/win.xpl

    • Size

      1.0MB

    • MD5

      7d7ed0dad8ba2175205f229b39cd1ab8

    • SHA1

      dc409c6b5e8296ab8e48432552b7525086b8c538

    • SHA256

      31f515138a7141e89c7487dc4b06c42301674d5b4c8bae0b1832a5e92a698253

    • SHA512

      34529ceaff4f80e10225108629b8a92dc66cbf705a75f02f4fa7b8dac19a56d4749bc1357e1383fd869e8bf36f4d734def2d8ea1764e85f9f6c2acb630ed0564

    • SSDEEP

      24576:hpfmuH/xJCM3FgTVzGZVP5l3lSjRGLcJFoV5Wvd4JUiSGg3j:hxJCLTVzGZVP5qiPSGgT

    • Score

      1/10

    • Target

      McDonnell Douglas MD-80/plugins/xlua/init.lua

    • Size

      11KB

    • MD5

      abcdb65fb102a9f48b1c284362a76a9a

    • SHA1

      9a5436095a0979cbe884a41a71eac29a8fc53353

    • SHA256

      d9ae6ed78f02c12e3a7e0918214967c821f9ff94cfca5767ed233859d1adcb4b

    • SHA512

      49d42c8d25d62966c7a88d0b99084419e7a4071f756475d0c250f1d8c76fe97b4477b625f5607e497095f0b3d4a7268c2aa4949b482e6cf87ccfe7244d3c8338

    • SSDEEP

      192:fl5i4dkAcuYIo+KAIKnDj6xZAVaE1wA4YjhRijWLgKrSMlZMoGG47Qv38j4WVstj:PLzYIo+KA3nDjcZFE1wA4Yjj7kKrRbMA

    • Score

      3/10

    • Target

      McDonnell Douglas MD-80/plugins/xlua/scripts/md80_safeguards/md80_safeguards.lua

    • Size

      3KB

    • MD5

      7b267e7b99543d54a0c93ff5b5d5d513

    • SHA1

      8a507e50bb01d432c12a058533dd48bedab5e477

    • SHA256

      029dd674af0703b36ffd67fabd8c53388695a34dffbc01a20e1eec8153aa3145

    • SHA512

      794f5e0316683e9750b03ed770238fc1b2850e96b58a23668962b098dd509f01b83a4987744a5c45b316c00fb016d9a75c75396df6a400d9a895e0f6cb3b09b9

    • Score

      3/10
