8b9147aeca757bc36f30e98c7481ec302d2be6de1b893a6f2ad80864f1106fb3

Resubmissions

03-08-2024 19:46

240803-yg8nestbqr 10

03-08-2024 19:44

240803-ygbcxsxhld 6

03-08-2024 19:41

240803-yd6pnaxgpa 6

Sharing

Copy URL

Twitter E-mail

General

Target

win-airplay.zip
Size

14.5MB
Sample

240803-yd6pnaxgpa
MD5

79907c402bfd25fa29f2fa1336b292af
SHA1

0f914d4eec4c6d3005b80ff6500a14fec13a384d
SHA256

8b9147aeca757bc36f30e98c7481ec302d2be6de1b893a6f2ad80864f1106fb3
SHA512

f4f5b53ad78e89409e46179db2286842a6edb14c920c466c57ad160ef17cc95055fe610de9dc122ccb682ec0f1ea2bd7908e52eac8193c846a8da277d42a6bd6
SSDEEP

393216:5CSO2to+1kmcVJ2HvYPE+cgLGYlaARy7nMvuC7O2XmA0:5CSO26+1kJLwD4RhmCq3

Score

6^/10

Malware Config

Targets

- Target
  
  win-airplay.zip
- Size
  
  14.5MB
- MD5
  
  79907c402bfd25fa29f2fa1336b292af
- SHA1
  
  0f914d4eec4c6d3005b80ff6500a14fec13a384d
- SHA256
  
  8b9147aeca757bc36f30e98c7481ec302d2be6de1b893a6f2ad80864f1106fb3
- SHA512
  
  f4f5b53ad78e89409e46179db2286842a6edb14c920c466c57ad160ef17cc95055fe610de9dc122ccb682ec0f1ea2bd7908e52eac8193c846a8da277d42a6bd6
- SSDEEP
  
  393216:5CSO2to+1kmcVJ2HvYPE+cgLGYlaARy7nMvuC7O2XmA0:5CSO26+1kJLwD4RhmCq3
Score

1^/10
behavioral1
- Target
  
  win-airplay/Blueberry-Airplay-Youtube.exe
- Size
  
  1.3MB
- MD5
  
  7267c81e58270e30637a88364784d280
- SHA1
  
  759cc54d57436818b1bb812855a49919b2998ea2
- SHA256
  
  5b9f4b043b306c4577610d7980d42a38a4a1b8c611d0ff13ceae33e64334c224
- SHA512
  
  e5e6133636ba07660f7f558a31a4d02a54d7af1498168b57234ff89b197a0401ae6afc08ab4fda6eb178bdd7717f48c6caf0c591a2647d7fa20a89a2611fba05
- SSDEEP
  
  24576:AzJ7tK6J6KOtvsSbuu7lNvMBeMtLfKzC05+iMo5wIVZ3UJchmJMnzYU8kaKRqvn1:F6JvOtLbRNXdC05ZMoxZ33hmKzKXKCn1
Score

3^/10

discovery
behavioral2
- Target
  
  win-airplay/Blueberry-Airplay.exe
- Size
  
  463KB
- MD5
  
  d8b60b34a2ba716d06ccd41716e330e2
- SHA1
  
  2ee2007f61e93a81aada7e875e08c50c0b85c2e7
- SHA256
  
  02e38cf1932bab2cd485234b0b4442c413d6518203d806988f432856f979fc8a
- SHA512
  
  f903f78c287d45cef8bf2b2865d9265fc447a4ea2b1ad56b2dc2c59811ebdcc49bc64aa68049a61677fa35826d46da6337936dfb4b44b127e731532b440e5d33
- SSDEEP
  
  6144:i1z7j62HxsgYZhWR42gGn2So70wS9qaYTGAU+GL+3H:gfoGto70/gP3H
Score

3^/10

discovery
behavioral3
- Target
  
  win-airplay/Bonjour.msi
- Size
  
  2.2MB
- MD5
  
  e14a6762e68472c648ea0eea0ebe01a0
- SHA1
  
  a854475b22a934ff977edc23e110ebba79a010fd
- SHA256
  
  34b0af1165f531847b509d3d47f22bb87f3eed93344521986105350bccc2cbed
- SHA512
  
  cfbf3dc4b6ee58dacd1e50cfdd73a202ef2b6d0526fe657a19c0b0a05a9e879b1a275368290c7da1a1f93971c4beead53765491dc0971886521b005247a22093
- SSDEEP
  
  49152:Oa3PPXjym3MYPiau9KXeixE2g58HcvGtXZXECrcxiO/pP/k/vY80as686oX/:VXemcYPiarP
Score

6^/10

discovery persistence privilege_escalation
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral4
- Target
  
  win-airplay/Bonjour64.msi
- Size
  
  2.6MB
- MD5
  
  8dcf5c9eaacdaf4568220d103f393dea
- SHA1
  
  27f68596398b68ba048f95752b4eeb4aa013c23f
- SHA256
  
  53be81cc6e2dc95a1041e8f3d8f500fad4259ab20a1aac151b5fc7a64d354a93
- SHA512
  
  10f8ffb6fa5e7163f0a83190ddf211479f12e16635389b49ac041eceafd7f04c040d830065adc89b1003f38d8381851c09150a5bc8edced6ecae8ee5ae801088
- SSDEEP
  
  49152:aXMDiLYLW8Rv5GYCRL69MXeixEEgj8HyvftiZikCTcRi3/jP/N/v08Masv8Qo2/:wwPR8YCRLVm
Score

6^/10

persistence privilege_escalation
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral5
- Target
  
  win-airplay/SDL2.dll
- Size
  
  1.1MB
- MD5
  
  cfdcf1cff079dd87c92d6aa46f00135f
- SHA1
  
  079fd89d25b343789610ae1421f1956a14bc737d
- SHA256
  
  ffbf5aa7d13fed5d12ba68ba3af930a15aa5d0ff97cfb50a5965a498a941a6dd
- SHA512
  
  9f48a1fba28bee8bc64479f5c6e8e5faad9e71da4ee0601630070bf69a847a580ffe8c34f53d5ae85a76cf2ea0740e520ac5bdb2f5d009b4bd9ca3ea8893845f
- SSDEEP
  
  24576:G/stCXh0JoiOt+7fklSAhteb7LVUdC8J6CK/UlCrlefcwn0TSbW4Tv6ss9us0u33:wstVZaYuWNCRLa/r/fHc/d/xHq/z/Xw8
Score

3^/10

discovery
behavioral6
- Target
  
  win-airplay/airplay
- Size
  
  1.2MB
- MD5
  
  3658b11fa1c41f50c08aa741f3c28948
- SHA1
  
  9340b1c7fc756dfc927287503c0e6e604928a72a
- SHA256
  
  89a37cb16c03eda82e5f6309c42358f4f8cea0e279386912a90739ee2b91bca4
- SHA512
  
  849274c2d7cbce54d3b57cb54c3f1a754f5017d1658901691a2f8bf2c3e3886d98e125f5134a2627a24e27e83ced8b180d1983f50aa66c279f5b8907363ef5c8
- SSDEEP
  
  24576:OUNm5R10DmudnZMu3T9e9SUhZADlBLLfKzCuGCytIAqNnZKuOCzmIMbz7M8Oak4+:u0DXdnZD8DhUiCuGJtIZZKKzmLzptbIV
Score

3^/10

discovery
behavioral7
- Target
  
  win-airplay/avcodec-58.dll
- Size
  
  13.1MB
- MD5
  
  35241987061342637fc7a2ee0c38b88f
- SHA1
  
  adf94deec5412ec5a3a4f03d8889ae5e58aa0f40
- SHA256
  
  cb8e954fd76e363cb48f0afb9e87db8cfb2646edfb66a321cd446a2166dbbb23
- SHA512
  
  ce9218c2edb135971bb901feaeb57df81b651957e6c68228ef1f689277c65966ad103fffcfadf28bc79b1da4ea657284c0b7f145944993efac6e14b541579f08
- SSDEEP
  
  393216:yfhXF6cVhKLh2RJMDhydfoN32IV0PGhjLXHSpTy:yfhlZ+l2IV04ew
Score

3^/10

discovery
behavioral8
- Target
  
  win-airplay/avformat-58.dll
- Size
  
  2.4MB
- MD5
  
  893482fc85d1b4eed7f437884edb0853
- SHA1
  
  42686213b4f5999c511d98ad0324207c5635145b
- SHA256
  
  d36d0718790e389aa3e222aeea10e430c810e994355ffb54f0f40456354d463a
- SHA512
  
  c5cbda2b33cdbbbc21c0fd50a93dfe8b8077b7b62eb470a2e8c9dbbc71cfe18adb22aedef1f97223996ec329cdd3effba3e0a1ed01d2a0eed0c16b29005639d9
- SSDEEP
  
  49152:BqS0QT+WUzhm2xpq4qhv2hSONY0wXZ8ps7o83Q5:BqgyWY4Ko4qV2hPNYVXZWF
Score

3^/10

discovery
behavioral9
- Target
  
  win-airplay/avutil-56.dll
- Size
  
  632KB
- MD5
  
  77728494071d91965eafcb429f7f5079
- SHA1
  
  3ff9000c759e41fcc71cd05fad6162ce94b1e787
- SHA256
  
  1a2c893c4f3abd0f5f0536e49149d4ef410b307d9285d687bc5a25b15db88df1
- SHA512
  
  74b6c71c52b7f3e42684ac613aa8754ac7a185eda59bc33964d8d637f4bca4a15a0bc7f39791f56f3ac10079716956970d3a6b51f1da1aa427dbcd30ffe7199b
- SSDEEP
  
  12288:LJzDgD5bRZUMvyNrgKhC7obcuNqE+ZlixX:LJzU5bIMaN8Kk
Score

4^/10

discovery
behavioral10
- Target
  
  win-airplay/cairo.dll
- Size
  
  1.9MB
- MD5
  
  36ca0b374a02ca218857452df0463272
- SHA1
  
  71ff37234ea5feb7449a35b86f03d2fd25a09bbf
- SHA256
  
  f945c7bee316109182f2c18ef0aed91a8b684cee8c41149c3103e7d3360a7405
- SHA512
  
  9f8d7f5d80aa627e362c3480b2593ceaa4d4854db3e8709a7ec151c027265bcf3e9d89cf623273051d796376b3c3671abd2b88e305fc462a4da41079496e0dbf
- SSDEEP
  
  24576:5ogEGYqkWmS3b3Ph6X8oGmOTT33H9jV01ozt8L7K0E1tyTDoNDPDc97ylMphlTMV:qgElsxoVOTZiK0WUWhahxM2Nj1zm
Score

3^/10

discovery
behavioral11
- Target
  
  win-airplay/fontconfig.dll
- Size
  
  214KB
- MD5
  
  8715791453500a9957c547a2c3e47121
- SHA1
  
  67683d7fd8fde6d42444f4d3f5f579ba4034049e
- SHA256
  
  ee897f9f2d145d6159dcfd921d28214a92f94bbacf5e876c4a0df676d9da7182
- SHA512
  
  a9a78faea1f8d5d7baef17a059dcde84ffbb77565ca53157b1344ddeca19ebf8a363750e6344fdfa3ce488a49ac67a9ed395266c567d032e7c2938ff1ed81925
- SSDEEP
  
  6144:RiBOc6FB4/habTmI5hfRlD8iU8NMtsHEGQnfj:RmowhabTmuRiiVStGQfj
Score

3^/10

discovery
behavioral12
- Target
  
  win-airplay/freetype.dll
- Size
  
  652KB
- MD5
  
  4316fbe5f79c07148784ad046d4713c8
- SHA1
  
  602cdd2cc10524201713428a189d8853bd773e6c
- SHA256
  
  0b8adf00d7cbaa8297ac350c30fd9c89c1d21afb4052492af5f5e242ca8420ba
- SHA512
  
  c0c21d51f6764508aaa940ef60bebb3c701b41b81be3eb8595ece3679c2b4600d80250f3ff92c8e0387e1149d1bd925e2b03d2f6259a3331e7b153f7e390b1a4
- SSDEEP
  
  6144:xrmuyK950g8e9Aov5CzpIAXetjjuI1t2MyhRG8GJlN0jozqFOeM1/qKWsEWmfDM:5p8eqo06tjj9t2HGHN0joOYeM1lfEWm
Score

3^/10

discovery
behavioral13
- Target
  
  win-airplay/libiconv.dll
- Size
  
  1023KB
- MD5
  
  f3c33d50e875c8f58a38ffa4876fd501
- SHA1
  
  da9a9d1544ec9e454f357937a1868e6e1f58703a
- SHA256
  
  f739136d5977a3c3f3bc6bc587faecce5a2a8d90f36985067183da5d93db3860
- SHA512
  
  3d1d5be8a6f3a0740a8abf65de4d6d9e46c1c58a2af9b2a2eaef066ffa07ad985f2ce4333bd0ba683ffd92747ecd6eda03fa50615e584a922873d3f7047fdc13
- SSDEEP
  
  24576:9VSViOykyuI/dBAUZLYzfobbTIfBlHimdGavkg3NyvJ:HkyuI/dBAUZLYLJfHZdGaX4J
Score

3^/10

discovery
behavioral14
- Target
  
  win-airplay/libplist.dll
- Size
  
  69KB
- MD5
  
  3884ca71f0a70645cb844c5baba40f40
- SHA1
  
  c87b47d9049d486d68b9fc07357224b45aea1bf8
- SHA256
  
  362b2f4a8d6e8e50dfee53c11cf633736198c1dbfb1267202b6ec29c8a8b1208
- SHA512
  
  cf28442650e1673e34a6144fc2149b9fc493394adb7fedb7759a8e321ea956d2b18f228169cf2b3559737a583a8cae5996d32f4098f91ae69df8a2e6eeccc0a6
- SSDEEP
  
  768:Uec8KDLi9V4HDjqpX/liWP7Oq8ElrMAulUX/W+1jqZmdIZz3c3v3ItDSJjm:oLQV4HDjqptKE2Aos/W+Fqph3kv3ECS
Score

3^/10

discovery
behavioral15
- Target
  
  win-airplay/libxml2.dll
- Size
  
  2.2MB
- MD5
  
  81e84051c52f747549d6e9348c6151ad
- SHA1
  
  21ab3d966a663e5857cbd5f212cda7c1add4c48a
- SHA256
  
  44263c4220ff60de1087a50c91572f746d1ba262af1f0d84b995a828ee59cf96
- SHA512
  
  ca336f01c869157179594a6ffd0cf9adf024940157b70b7a50e355f6b96ed6504b4c032fe949fc254dd3d2527e4371040eef615e2268ee5bfd65e0721b65b013
- SSDEEP
  
  49152:wh/FNPNDKFe+cwIHRtQW0kIBktov0Wq9408tdekm7MZ5SZ3e3fgqTwu+jrBAUZLu:wh/FNPNDKFeLwIHRtQW3ov0Wq9408td0
Score

3^/10

discovery
behavioral16
- Target
  
  win-airplay/postproc-55.dll
- Size
  
  122KB
- MD5
  
  3500ed20ea1648fee4b7f393999f3128
- SHA1
  
  bc058eb0cac6a511c8b858bfcf95435f60c0fc48
- SHA256
  
  c370280f618a1e6dd7300519f3f4506ffced0245a116f9e52f4e2382c5713c79
- SHA512
  
  8dd090994f5ccb3eff970955fab100f8a347d7efbe1455caf62a608a3de2a46bd1def8d54be8a24baffc22721c285dfd3530c41a3246646f8c4ad48d32ea4af3
- SSDEEP
  
  3072:gZqttNttNNQ6xMR5gjHaeskOSNMBML3cPoDEVGavfSiI:gAttNttNNQ6xMTgjVCucgDE3vfS
Score

3^/10

discovery
behavioral17
- Target
  
  win-airplay/resources/OpenSans-Bold.ttf
- Size
  
  219KB
- MD5
  
  50145685042b4df07a1fd19957275b81
- SHA1
  
  c1691e8168b2596af8a00162bac60dbe605e9e36
- SHA256
  
  5894a3649b213cf5b2d673b6e7a871815fd1d120fa68a463592f27db14eae323
- SHA512
  
  9c995725aade5f126c727faf1c4453344e37b590a14152d31d44dca3c9328a54207bbc7c840695cb55bc1b559097b457888655e11199192cd5197c85aab8b1b6
- SSDEEP
  
  6144:JmT6w+rgw9JcJmHeJvjzauutgCNktQFvmnoxXTS4uvpt:M+/9JcJlYqCNktA+SXfGpt
Score

3^/10
behavioral18
- Target
  
  win-airplay/resources/OpenSans-Light.ttf
- Size
  
  217KB
- MD5
  
  1bf71be111189e76987a4bb9b3115cb7
- SHA1
  
  40442c189568184b6e6c27a25d69f14d91b65039
- SHA256
  
  cf5f5184c1441a1660aa52526328e9d5c2793e77b6d8d3a3ad654bdb07ab8424
- SHA512
  
  cb18b69e98a194af5e3e3d982a75254f3a20bd94c68816a15f38870b9be616cef0c32033f253219cca9146b2b419dd6df28cc4ceeff80d01f400aa0ed101e061
- SSDEEP
  
  6144:b4kgACfHoUGMxLutgCNktQFvmnoxXTS4uUJt:z2fHowSqCNktA+SXfvJt
Score

3^/10
behavioral19
- Target
  
  win-airplay/resources/OpenSans-Regular.ttf
- Size
  
  212KB
- MD5
  
  629a55a7e793da068dc580d184cc0e31
- SHA1
  
  3564ed0b5363df5cf277c16e0c6bedc5a682217f
- SHA256
  
  e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee
- SHA512
  
  6c24c71bee7370939df8085fa70f1298cfa9be6d1b9567e2a12b9bb92872a45547cbabcf14a5d93a6d86cd77165eb262ba8530b988bf2c989fadb255c943df9b
- SSDEEP
  
  6144:Y6pzdD/rIJXiQTutgCNktQFvmnoxXTS4ubCl:n9FrIJJaqCNktA+SXfUCl
Score

3^/10
behavioral20
- Target
  
  win-airplay/resources/OpenSans-SemiBold.ttf
- Size
  
  98KB
- MD5
  
  ba5cde21eeea0d57ab7efefc99596cce
- SHA1
  
  e256f8391718ef61f253dfb4e95bbeb3c5857afc
- SHA256
  
  5e8d9e1a89083cd1b0849993fe2f3acc9aa33b7f439f7e8616872f6897f30684
- SHA512
  
  e04e5b59d9d60dd8312c5e770e458a064af9930e03f9711957c542e5823516ef4b7aba10b3b79337371bf84e18bee758705cc7f9e3240106c84f1399d01064ba
- SSDEEP
  
  1536:RTm08+XZVRkQ4sO6InBZG9s/0ug7udLXd6IzwZ0ztpX:RTjFfeVnC9GUALXd6N+pX
Score

3^/10
behavioral21
- Target
  
  win-airplay/resources/OpenSansCondensed-Light.ttf
- Size
  
  97KB
- MD5
  
  3589bddbe338e444d408f4dbc545ca1e
- SHA1
  
  ff94aff6ae5feb5c9042ccdd44e9e1c5e04645f9
- SHA256
  
  3d5e344a0c983dc41d10243cd6b71874ee8edb85edbfc6ce0c881908bc89cb67
- SHA512
  
  38d91f1c19b565d70371c2fa2a28b2d9dff74fbfb4e680748889c559a8047fea89bc2cd2ee9d568aff4d5d21db17b197a28e150372593f7075be8e2c94e4d66a
- SSDEEP
  
  1536:Fga/vdNqeqbBhUvBmUENSpjtrTkeNHegQxJ27L6OjlPAP1:FguFAe4hUvkMpjtqxxi2oM1
Score

3^/10
behavioral22
- Target
  
  win-airplay/resources/Roboto-Bold.ttf
- Size
  
  132KB
- MD5
  
  afa7a91dadd77b23634a0fdf18c148f3
- SHA1
  
  6cbb57ba2355cf442e06899898ff5af55867103e
- SHA256
  
  9287925cae90ac480804094ff0876832065e2db116470da1f524d79ed9c18b70
- SHA512
  
  84d123b67505522c256f4ff79c3822eabe2d63036023896e9854298ff39e050bef7894f6320ccf950592015760354683c4dbd19aa203d433a04a5d6bb28e8115
- SSDEEP
  
  3072:N+peczeYnL1aPZroinhTPaM+1ogRte9vd1RNmVLOF:eecd+hXX0a
Score

3^/10
behavioral23
- Target
  
  win-airplay/resources/Roboto-Light.ttf
- Size
  
  136KB
- MD5
  
  e22062b3188c8199283ef2aa835d4653
- SHA1
  
  191dda7a5142990cd980727d43b27e4802f0b321
- SHA256
  
  b17667ce7e13581db105777f986e141168231e88a8ef16d13e581c7c1525f14b
- SHA512
  
  c07cd18549a83e82f0d7aade010fae4c74ddc70780123cc311ee2f757ef4c9c5bfdbb62dd2086fedac08a186332b49352e9d9fc4caf37757672bfa208099a032
- SSDEEP
  
  3072:ae+oh3khKjCT8aeZYVvoPezvd7ORhbdZFro/sGlenNsz1GKPtbVR:R+Qoz8ad5zOjAenCxG+tbH
Score

3^/10
behavioral24
- Target
  
  win-airplay/resources/Roboto-Medium.ttf
- Size
  
  167KB
- MD5
  
  58aef543c97bbaf6a9896e8484456d98
- SHA1
  
  f6783010d5def128c4a1539333324f75701d9bab
- SHA256
  
  e35252aa3dc2e84e9d7211586fee9aede2a426d3230c8b131881d985f16ff836
- SHA512
  
  024519d895d9b0296513523250a6044779567f44e9e384926472417c4a1e2d4a5e9b8296f97f5bd1b6a6242f7781bbcf9a41da66e6e82f66de69936190e1b865
- SSDEEP
  
  3072:cqmtn5wkex8r6Qym7KCkygAKuXylCC9ptSUXl8j/6afWKzCyhASD/JwXI:L25wklN7T3QtSUXzs2STyXI
Score

3^/10
behavioral25
- Target
  
  win-airplay/resources/Roboto-Regular.ttf
- Size
  
  141KB
- MD5
  
  54a91b0619ccf9373d525109268219dc
- SHA1
  
  1d1d41fcadc571decb6444211b7993b99ce926e2
- SHA256
  
  b2efabca5ea4bc56eea829713706b5cd0788b82aca153bd4adde9b1573933b4f
- SHA512
  
  7f79ff3b42a672371814f42814aa5646328b1a314691d30ce09ffdc7a322adcb1af66625274f7fac024ca2f22a42b625001735711c430faef6e077e1f1d24887
- SSDEEP
  
  3072:ENAluNu8V5ZftwYlLzEeNgHS2pOpdO4WqLpMaSZFKVet:ENAH8XZuadpZuFw+
Score

3^/10
behavioral26
- Target
  
  win-airplay/resources/elements_basic.ttf
- Size
  
  21KB
- MD5
  
  b97d4d51fa962932af47b9e6a2dcd7ee
- SHA1
  
  b94303e41f7873458f5331159e4bfa4ebd0f4a7a
- SHA256
  
  31f068fc03bcbdf434837e8211922403cf0262a1935669891aba37dc3595ebc8
- SHA512
  
  10bea37eab43bca83ed7555829555bfaa48307a19a32b688c6f8468b88cc6a71c0458dd496639f87624e71de4cf1e447e9258e8db2cc8212ba35f58744037201
- SSDEEP
  
  384:1E6IHCi5LRYeiY81YOk5+GeaB7tOpVTK0S9vd6lsgzPN4897Y5Se6LZJU71vayxQ:nqWbRPaI89vd6fzPN4897Y5SbLZJU7xQ
Score

3^/10
behavioral27
- Target
  
  win-airplay/swresample-3.dll
- Size
  
  148KB
- MD5
  
  0c0168df4e83206e7d38c5c713bf5c52
- SHA1
  
  bc1685960f044e2429ef8e46630e145a77a3a1a5
- SHA256
  
  5480da08f5f01f7d9c286241fb7eb0f9b4493c1a6b717e9985ecacc15ee89f85
- SHA512
  
  878c2f4390b257451c554629b23ed12cf448b4ee417dc8b9b41705e085974dd8e0e3467d709a0e596e186f485f5027f4ca78b43c8d09e5d8376feafd0b6475f7
- SSDEEP
  
  1536:vg6AVS5Jk9sBWl2gzZIndNh3NAPW7UlysyFuOivehkZPaT8jOaisbSb92jgsmd+1:vg6AVS5Jk9sIl2gzmnb4qFfkZPaTHu1
Score

3^/10

discovery
behavioral28
- Target
  
  win-airplay/swscale-5.dll
- Size
  
  574KB
- MD5
  
  dffd7236f54a5155d24b8b3488a1993e
- SHA1
  
  01759bc02a52a531af4a88e09170f58be1168bbe
- SHA256
  
  4556cc878bacc94fb8aa3ef1d7f50eba85737783cddf7af7226fcf73ec75cdad
- SHA512
  
  8b399cb3b86473a207cde96c5169a1c4fa1135d4e93e347eaa8ac896ac3cb8ac44a1a8d382e21a3364b1ef554970db514ae4ff2534483ca7d9b69137bae23032
- SSDEEP
  
  12288:9yMI7XVpyNFz90Pwj0izmi/ZBnoTTAg0zg/8J0InE6ylIyfXZTGXpatW/:YMI7XVKzQ
Score

3^/10

discovery
behavioral29
- Target
  
  win-airplay/蓝莓投屏官网.url
- Size
  
  44B
- MD5
  
  e0405971398016b8b9ee4b80508faf2f
- SHA1
  
  412e94c01b8e8198328f84453dbad158824f1ef0
- SHA256
  
  2222d3c4a90eb93c55f13f91e1b8975d399f90f20bca4736f3c69bb8ceb0b8fe
- SHA512
  
  36c9123888f521ef98ce5827cc2cdfa615962886c959ff1a3dc45738ffc6530272f779bbe0bfdbfd324b584e78360d4732edd66608983191bc312ac0ea23f2a1
Score

1^/10
behavioral30

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

T1546

Installer Packages

T1546.016

Privilege Escalation

Event Triggered Execution

T1546

Installer Packages

T1546.016

Defense Evasion

System Binary Proxy Execution

T1218

Msiexec

T1218.007

Credential Access

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Blocklisted process makes network request

Enumerates connected drives

Blocklisted process makes network request

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30