fba509ba07a29466d86198a4294961965ad8ef384a62da72e5b01516694fbe43

Sharing

Copy URL

Twitter E-mail

General

Target

wbns_x_fnf_v1.rar
Size

364.8MB
Sample

240523-bddmjsfh57
MD5

e39a18407b30ed3c60e54417e2baca28
SHA1

f47b5186dbb8bdae7d6a67c89401715722289cbb
SHA256

fba509ba07a29466d86198a4294961965ad8ef384a62da72e5b01516694fbe43
SHA512

d35889ae069c816fffa739e696dde0170941af7ecc946366cbffffb752e18939cee887e323accc0f141293dbcdf3b26b350dd259549e6de503d85b64bbd19d5b
SSDEEP

6291456:vaR9rSyw56JeeHgHhSLe+YENGuLp70K86PyNK/fpjiFCNtjHANWIDU5j7eLFTngH:C/rg6JeeH9OsGuLp70K86Py+hu1DUt8e

Score

7^/10

discovery execution

Malware Config

Targets

- Target
  
  WBNS X FNF V1/WBNS X FNF.exe
- Size
  
  28.4MB
- MD5
  
  6363f1655dea5d8e05fb45f47c3d1918
- SHA1
  
  206e917a0a200122e9c05e72abf7e3fdedd0b5f2
- SHA256
  
  054ce19254564fb7eb7576c406d236c69accf3241bb6345ba99f81a427054f3a
- SHA512
  
  59036e75783dcac73c96f647f81a4840fd4272b21432a077153e4ddea29cc2c6157af023977e09bdcf8c1658217daafed368e7a8deeef52dfd753950ff412b45
- SSDEEP
  
  196608:aFkygtjTC0JkKMV6/GiuHUbOkWSBn7PgPyNgNwxtnNULQNv81mU:ekymje0JXRgHUbtn0PyyWtnNULQJ81
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  WBNS X FNF V1/libvlc.dll
- Size
  
  186KB
- MD5
  
  4b262612db64f26ea1168ca569811110
- SHA1
  
  8e59964d1302a3109513cd4fd22c1f313e79654c
- SHA256
  
  a9340c99206f3388153d85df4ca94d33b28c60879406cc10ff1fd10eae16523f
- SHA512
  
  9902e64eb1e5ed4c67f4b7e523b41bde4535148c6be20db5f386a1da74533ca575383f1b3154f5985e379df9e1e164b6bda25a66504edcfaa57d40b04fc658c7
- SSDEEP
  
  3072:f3jr3xal+e5Wz5+xCwcNohCMYMUyNUjqsbJLyLM5xjxN:f3jFe5WYYwRj4yNMqSLyLS
Score

1^/10
behavioral3 behavioral4
- Target
  
  WBNS X FNF V1/libvlccore.dll
- Size
  
  2.7MB
- MD5
  
  01f6f807faf190a38bded7bb1c105c18
- SHA1
  
  22c9fbe9a92be74fe857aaea020025a78c52365f
- SHA256
  
  1fed66191a0cda73b37ba2bc58f6ebad3ee1ec4f8193608f3ac1d8ad2b97640d
- SHA512
  
  e35201ce08d51cf3c7580ec390e4eee228dbe17b51ee0885f748a65f36f2bb6a1c4deee10ce9be92d6b6d58db8a59b8d1f93dc8108e9ae7ef0f059c62d2faee9
- SSDEEP
  
  49152:DA9qEelmNGJRcsADizpXtBOy+BAUZLY6sEZGaXBuQQ9eyr:+q8fW+BAUZL3e
Score

1^/10
behavioral5 behavioral6
- Target
  
  WBNS X FNF V1/lime.ndll
- Size
  
  7.8MB
- MD5
  
  e9d252409de3b6c0000c3eac9aa800fb
- SHA1
  
  d312cf0ad7d705a924aa3ae50d5ffeb038274d9a
- SHA256
  
  715a495dc5da7989972c522c1b532956ef62a7e308779a401cb1f28812f9188e
- SHA512
  
  ffeaa0100c4ff68a6630b8ef13553bb72e61752508a6f27acb81355509c5924ae921e045e747ed79f64f90445b887ff3eb68668b07b128dc24352f97ca240a3e
- SSDEEP
  
  98304:CgyC2BmHJ40X3ZpAZkoSFIA/1hkiHa4AHd4ifIA198e:CP4nX3PAuoSv/hwn
Score

1^/10
behavioral7 behavioral8
- Target
  
  WBNS X FNF V1/mods/All wbns/scripts/optimization.lua
- Size
  
  4KB
- MD5
  
  468f10f180bdcb2ba377070bb133da37
- SHA1
  
  0b919a31e84e0007a4e072a60a8c81b29460d77d
- SHA256
  
  8ed718d73850beadc0b31091b0e674861d3284123c0fee2f47232091fafd233d
- SHA512
  
  eefaacb0bc24e235e4b7b0bdde067c00cfbb62eb7223ad2c0200c388e8663189736409739ed8a043793f28d9e5dff0aab981df60a5daa5b479b59d26421c3111
- SSDEEP
  
  48:EUPxwxb6xmBTrBESkr3i/oDcTqqYM2IYRncHVCxPltoLUsv:dPxw5XbESkr3i/oAhYhtuQf8
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  WBNS X FNF V1/mods/Unwebonable/extra_scripts/extraCharacter.lua
- Size
  
  6KB
- MD5
  
  4968f7818a93426b3736600a4d491f05
- SHA1
  
  7d7da191d3467495c4f7c55910958172cbf8e863
- SHA256
  
  77092f20a79d472178f37fbdbaaa32f90fe0c4d5a062e2d857269ca873ad07e8
- SHA512
  
  e0250d4007fdfb9c2385e6584414ac76c6934169f7c1d99b358c8da524a56d14a3f56247855a594a1cc89ad3f743ab8940bc706b047943261400662902a09723
- SSDEEP
  
  96:c4kokH6NuZVfVRae1R4UsPIbHqcO/RJKWuYUWmJJKWBzK6arWwjg6aNHYABV1qpb:bkPH6NuZk1sH5OGsBmWiOrTEeoXFXuX
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  WBNS X FNF V1/plugins/access/libaccess_concat_plugin.dll
- Size
  
  42KB
- MD5
  
  26016914b5b8b7c6d758a30a6fae2dda
- SHA1
  
  c455742059ebe4908e12d0e04971ee3cf9b51ee1
- SHA256
  
  2609e2c53d1ba720c0a778384784cceccb86532a31285e5dcb287e7bb7793bdb
- SHA512
  
  6b2db3623d98b51793860973c60fed97d54d3e426a7ec489f265bae92e152e4c9849967eaa136519008018aec43dadbe7a34f1859fe16c8488094d7037c77705
- SSDEEP
  
  384:NHbx3JXX6tMoLvyb2XLJF9Wl5Y1nV8HSWSBwDRvDGjoe02Nyb8E9VFDPxM/vDGj9:VlJXHefWDkeHSHw5DGREJPxqDGREJPxE
Score

1^/10
behavioral13 behavioral14
- Target
  
  WBNS X FNF V1/plugins/access/libaccess_imem_plugin.dll
- Size
  
  71KB
- MD5
  
  e15fba7216c5181234e8455efdf61d76
- SHA1
  
  ec86c00eb58b5a97864d36b346622318012612f7
- SHA256
  
  bf51d2f6b8417fc3d3f31df06637b11b6c351a61d774860973c008b25378cc42
- SHA512
  
  0e5f46f1961d169f5ad9909d40426fc56e3ae41b0e0cfba38174b9b3c992a26819468979f565660cc5617914b9e601c5869004631c21829da5a2f7f420aad8d3
- SSDEEP
  
  768:14X8hAFd798I1NFjpyY2yy/FfjoLOY7saCfWs6w8lw4JDGREJPxPDGREJPxf:/mv7L1Ne/M/7sNWsf4vPxtPxf
Score

1^/10
behavioral15 behavioral16
- Target
  
  WBNS X FNF V1/plugins/access/libaccess_mms_plugin.dll
- Size
  
  105KB
- MD5
  
  7c76017e1503ab07e51ec0d44d2a139c
- SHA1
  
  27f4d14877f9ac883695b36f8fe0cf04f459f16f
- SHA256
  
  68c3ea26325ec61ba7a7a9dd467889873a8759b3be0bca2707081ba4c16c7a7e
- SHA512
  
  c9f9996796d952af6e2e7ce92a73e1ad3b6642029093a97652c60c1c42146f1591b579da4f9fdf2193fdc7fb0d289e94d754b3f865e79875491b7001389b68fc
- SSDEEP
  
  1536:Vy2tF/3Nkz/2TKhJekoQeC57Gm455F7Gm+dswPxRPx0l:te/SK/zos9GmoVAtxVxW
Score

1^/10
behavioral17 behavioral18
- Target
  
  WBNS X FNF V1/plugins/access/libaccess_realrtsp_plugin.dll
- Size
  
  146KB
- MD5
  
  e421f61deee0078802d8604b2ad08917
- SHA1
  
  ff5375c9ea526c45271ca5c580be4c608cb47814
- SHA256
  
  119edeff09504af40f8eb736ab56e1b9a9534cb9743b54ce07d80d00012c5e6d
- SHA512
  
  be19eaeb85d9438deada938ec431a035ac4e65c51c807b173a0a7bb4765571ada010c627e013a558fb668467f72dceaf62fefaaf4393a3fd4ae2a2995d95ede0
- SSDEEP
  
  3072:gWXGEHuBRHEIDyGGyBhm5f3N98ic2+scTtvrax8xm:goGCuBRHPDxTu5f37XcGcxrI
Score

1^/10
behavioral19 behavioral20
- Target
  
  WBNS X FNF V1/plugins/access/libaccess_srt_plugin.dll
- Size
  
  3.5MB
- MD5
  
  ef8754762924e185bc64a23a8e8f5a8f
- SHA1
  
  731c4df43dba07c89e9b70063b0dec355beb3393
- SHA256
  
  d032c07dc6cdd73d8b9ca722836a4ba75809c2c808004f663c7a187c9116928a
- SHA512
  
  69810d21054e10ebf3398149105a4ee9d0414936a0bb8a5c55bdff5c19ed1e99ead00c28250bef1b2dd44a0269ca6e7816f8bf2f0d3a95df405b4756e6508587
- SSDEEP
  
  49152:3jB8X8qBIqRmsYqSEibpu92wqnVoc3CNJGtlqRO9ExEXA7FsQgXo0u1FyRNzNoxz:391h4mg49vHCNVYEx1mN5nifIW9b
Score

1^/10
behavioral21 behavioral22
- Target
  
  WBNS X FNF V1/plugins/access/libaccess_wasapi_plugin.dll
- Size
  
  58KB
- MD5
  
  04b3b624b4e61a3374ed2dd95528c68b
- SHA1
  
  7bd2e32fa529da4369198ca384ce2dfafaa33d2f
- SHA256
  
  820e5ab7c819e24fe1c59da164cd01c7d672bcb1f3134c663c5fe8c104763695
- SHA512
  
  c9bf2ef3f3f431520e3522b75147a74c64bd6a3b9c8dc004fd6c4a4b31dfe96bffb4d084f30020fab467dbf566a2b6059f40fe98f7cb9a922de8b9a2de22ebb5
- SSDEEP
  
  768:omhpf2U4lYkQpXsC01UKAk/1dLNtONWunDGREJPxf1DGREJPxh:7hRck7Lk3HIWuVPx7Pxh
Score

1^/10
behavioral23 behavioral24
- Target
  
  WBNS X FNF V1/plugins/access/libattachment_plugin.dll
- Size
  
  40KB
- MD5
  
  c2c4dcdc172007b8cf5dc29629029f83
- SHA1
  
  70c76bddc0eee156c502221be2f2c66cadccad2a
- SHA256
  
  8b48547f9804d30c6328dd238fa7c2a02ee0ac0296ce557b4c4a662eae22fb6a
- SHA512
  
  ade5beaf251a30bc8b5e18223d5cb771155cdfa57ca3cc056b7d611ea25468502fef0138e24037d54f862309b1218ac5b3648a670696c755e3b08b0ece1ec892
- SSDEEP
  
  384:feec6gyVF2zjQFAfck1pD7q33gBfECSBwDNvDGjoe02Nyb8E9VFDPxSsR38MXvDC:u67kPSrEqnsE7wtDGREJPxZlDGREJPxq
Score

1^/10
behavioral25 behavioral26
- Target
  
  WBNS X FNF V1/plugins/access/libbluray-awt-j2se-1.3.2.jar
- Size
  
  68KB
- MD5
  
  5b8dc68b7a41a3f64f7c630b6ad50578
- SHA1
  
  e64eaeb45b1e15071f660dda489225e11a72100c
- SHA256
  
  6ee22bfa0801fe733d769d1a9fb7264185986f8f4f0459408264b043851684bc
- SHA512
  
  7db252a8e5187d0709e34e7e7bc534e2f6946bb73d5550a4bd2f0ed768ca2b5d8e8606a4f6a373220e65cda48f82aca84f77e227b0c832a064829add527c489c
- SSDEEP
  
  1536:vsYBIlvwdVTCcXaqWoHIOACjEcAbkUbCvj4x+UdQ/w4BgPgau:UYTdkoJA1zbk2WMx/z4BgK
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral27 behavioral28
- Target
  
  WBNS X FNF V1/plugins/access/libbluray-j2se-1.3.2.jar
- Size
  
  752KB
- MD5
  
  1eae419266af6a1ee1be0dc2bf570fb9
- SHA1
  
  8e81715af0a50c9ba4fb2764b242b7ceb83f814f
- SHA256
  
  bd7f9341ab918d87914ce27a04490f58cc7b20c6a1a1244a2a5f3b94c9fbab0e
- SHA512
  
  a56cea84aa36973cda2c2baf594907522e8130cae5ec109f55fbf1760c660f1afc6d07cde9b30fb29a2a535c3b5ffde7708e4f537980661b7813d4ec6904a0f0
- SSDEEP
  
  12288:F7vKzuS26QJ1i9NXNtj9NtVIrNcnK2Afp0Bk0dktvQAWouboILYU5:F7vKzmhi9NbzrEcnK2C+BkqktLzubAU5
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral29 behavioral30
- Target
  
  WBNS X FNF V1/plugins/access/libcdda_plugin.dll
- Size
  
  807KB
- MD5
  
  f4e1627c9f9ece45aff14e9d0c59111d
- SHA1
  
  e5c249e2bcf0fd2bd75780008aac42fa8d761cd0
- SHA256
  
  bc345c902d036a597b5c22de723561345818e0c566adc67d85934aff584cc8e8
- SHA512
  
  811fbad644f7cbd7dc818142559385ca53619ae77a8b3fa680aa36e9882465325c55fa697cb164a8c541619af95a476b7e9a3dcef8189bd2214a40d49b82c8be
- SSDEEP
  
  12288:vKwQ6ApqFFEUkhDHvyXa+yvcopgZZKrxf9V9lr+KKah:vKuApqkUkhDHKXa+louKdMK5h
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

T1222

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Legitimate hosting services abused for malware hosting/C2

Modifies file permissions

Modifies file permissions

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32