0a0811dda75710e4be5f57710ba378b24edf8a413254e891a5acf2958c125fa0

Resubmissions

12/08/2024, 01:29

240812-bwmyyayfmk 6

12/08/2024, 01:28

240812-bvrwhayfjp 6

Sharing

Copy URL

Twitter E-mail

General

Target

DualSenseY.3.3v.zip
Size

7.7MB
Sample

240812-bwmyyayfmk
MD5

a2d13b5cf804a10f0b14cdaa3fed03b7
SHA1

7fe78037d0dcc66bcc1ded6f2531f0b0246ce92e
SHA256

0a0811dda75710e4be5f57710ba378b24edf8a413254e891a5acf2958c125fa0
SHA512

ee7c2ca49f3ca53d7d4a6cafb49f626a7b055a6f226f535970a7dd66abcd8abccc751549ddd9adcb74f9fc04af40537965c7ad500ccae72fd779b80ab32f9dfd
SSDEEP

196608:lIOajqChRG41snZiIBRlLzt12hogjLVWsJ7cb0:Ba22RG4inZPPztH6QsF80

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  DualSenseY.3.3v.zip
- Size
  
  7.7MB
- MD5
  
  a2d13b5cf804a10f0b14cdaa3fed03b7
- SHA1
  
  7fe78037d0dcc66bcc1ded6f2531f0b0246ce92e
- SHA256
  
  0a0811dda75710e4be5f57710ba378b24edf8a413254e891a5acf2958c125fa0
- SHA512
  
  ee7c2ca49f3ca53d7d4a6cafb49f626a7b055a6f226f535970a7dd66abcd8abccc751549ddd9adcb74f9fc04af40537965c7ad500ccae72fd779b80ab32f9dfd
- SSDEEP
  
  196608:lIOajqChRG41snZiIBRlLzt12hogjLVWsJ7cb0:Ba22RG4inZPPztH6QsF80
Score

1^/10
behavioral1 behavioral2
- Target
  
  DualSenseY.deps.json
- Size
  
  14KB
- MD5
  
  22aa00fd793b9c7aa3f95452ecc99921
- SHA1
  
  bb83d6fa4a7e675456e901ea2fa1390bfb17ff48
- SHA256
  
  2ccbf57c7538c562fe48f32d563b9072754d3f92b3f889eed23ffa4b3af54ce8
- SHA512
  
  d374f36c4730c18ef02d1ba7811e6d7efb31b5dbcd126dd8db97c3d33ad7267a453ac019678513d6b5e830f5703b804843468938919e4dca337545e7c277a0b2
- SSDEEP
  
  192:CWf80/lVvPFGDmD8lD8j+E8ev3Ry3GlVZl6W2Zfrzdv8BzI8d6zjEr:CWf1HKmDoDghz9lB6FZXdAIXz4r
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  DualSenseY.dll
- Size
  
  664KB
- MD5
  
  a30c547646948bc74c62e3172b93d911
- SHA1
  
  ae69fddd31566707155720b85ceb64f4282cea02
- SHA256
  
  7d4028b758118bc879f08782ba8724b0bb96dad58c59f641277139386a8eee17
- SHA512
  
  f65aff8487c82e52050ad438f6bed1b48314548093ac37d814ac5497f78becb4d5a5b39f7f468ece86d16949fd127dd2dedba35feb8596f63e9a0ffbd5159a41
- SSDEEP
  
  12288:SAlcnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJAAueUE6GkIAiyvrnbT:SAlcnAAAAAAAAAAAAAAAAAAAAAAAAAAa
Score

5^/10

discovery
- Drops file in System32 directory
behavioral5 behavioral6
- Target
  
  DualSenseY.exe
- Size
  
  268KB
- MD5
  
  83e0f5f0de5a099c0fac637029a8655d
- SHA1
  
  9bb11df51d3df34210f66ac52d1d6b8b0a1e54c2
- SHA256
  
  c5a1ab9ffafb29d9378d80e83fbc155a74c259a30c8b2e6be16324cdd3e53394
- SHA512
  
  3346ffb8e8667a83ad30412ad27fd75db98ab325e9593ff07f78c3a279a42fdd1cbb7b35afa39afe502e463f3b11ff82df41ad8880014878ed9e4a04f981e19b
- SSDEEP
  
  6144:piS4ompB9S3BZi0a1G78IVAcjctSmnqz59gDGq:pyB0aI78IVTgqz5C7
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral7 behavioral8
- Target
  
  DualSenseY.pdb
- Size
  
  39KB
- MD5
  
  07fae8ca266dc9181366448885da71d2
- SHA1
  
  09b1c4ef8b857b18935c67c123967416e02666c8
- SHA256
  
  f96438ac4f617664dc3b078a066bd7c5ebe1b039fbc34055b44c48f7e6f9b39f
- SHA512
  
  7277403e87dc4950a4d7bbd7d71dee2111a10860ea484fe2e5974c4fdd4cfccf1ad7b24d12373c4d1e4af87eafdf72537f3ee949c937fc847a0d560ffe67d4b1
- SSDEEP
  
  768:Uz2LjeVBjukZK4pCY1rYpOOCZC4sl9EQkHAqTxXMS7rXNdYKV:Uz+qDU+NfZ89EQkHA6MSvjD
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  DualSenseY.runtimeconfig.json
- Size
  
  458B
- MD5
  
  07b9a30265ca4e69c7016a1b6e3ffc27
- SHA1
  
  3a4af82a2695b1423aedd8b60a5c86793c011b02
- SHA256
  
  c71152bf25e40d647b2440c5b39be157a3d356106be9d5b678ab97bb87b4e782
- SHA512
  
  efd582f8edcdba5ef48d02eee5f73d83ff35071af99b49e08e0213928568d728d0856e3b903bfcccb9237f786846cf94da83139f99e9bee86287aff2071c3f1c
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  HidSharp.dll
- Size
  
  230KB
- MD5
  
  c5e3f63adbd63da7e97675748a1af866
- SHA1
  
  3b9d5d2ecaf89d53f762048c9ab942250f1a2cad
- SHA256
  
  61eb2e22a5620d789a23d389f1af9d38faff4d85f46adedbc28fb22cfec61bf9
- SHA512
  
  16dcd61b83032a3fd47cb36a400ea4d7910179a9735e66aad9b463daaf2626586756b8ca2e0aa34c5508e29f89e3bd78366ad60c5bb08e053e35dcf03d0a9d7c
- SSDEEP
  
  3072:a0dmxS02174WbpfMRBKMTKsLzzQ6jxt9ovjX59TdDxtHbIg2biTz9Kaj9i1yfU43:4QECMDjQox8TZ62nBGM
Score

1^/10
behavioral13 behavioral14
- Target
  
  Microsoft.Extensions.DependencyInjection.Abstractions.dll
- Size
  
  62KB
- MD5
  
  111e8cb3d3453e58b8802842396dd901
- SHA1
  
  3938d02b0803a5016a955a6662c8557b3416e3e1
- SHA256
  
  4e594bffd358313910cf45acce035d2ebc129fea8591de8ba40c3ba7e458b26b
- SHA512
  
  7531a1347c844383105fc67ead62542f9b9f72c1ac1cb3806990f82b2f2e8d48f83c378d0246132e9d495e2f38f45e65b33102ca83767eec37d0183352fc7270
- SSDEEP
  
  1536:sCYbKF0XEQqb7Uo5hGrrd0i0A7Hf6dbW9yfUazz:YXp0pk/6dK9y7
Score

1^/10
behavioral15 behavioral16
- Target
  
  Microsoft.Extensions.Logging.Abstractions.dll
- Size
  
  63KB
- MD5
  
  3a8a05c325944ba97efa2198b3e49622
- SHA1
  
  da688aad5f37e1a117de89f5fc09cf4d571d57a5
- SHA256
  
  0dce32c03f338e04a42bde3a364b45f22388a876979793098ba973048163d609
- SHA512
  
  86cbeaa8f7a913851944c78a63d02866da831294f7a436aadbd53a48046fcb37f0753d1df8607055e3755befce73cf228f8309bf38bc54d1b4748eaed24b98b5
- SSDEEP
  
  768:uz7ouSrbVozuvi53ReiJd/zk6cuAJU/JJZIAJF/tkJJQiS42hsmc1P+L/ib4XC4u:tuoVozugRhTWAJFmQFc1PYigC4dezJv
Score

1^/10
behavioral17 behavioral18
- Target
  
  Microsoft.Windows.SDK.NET.dll
- Size
  
  21.7MB
- MD5
  
  d6cdb495256001b172c0a34d0cee05e6
- SHA1
  
  4db1ad3809f2615d7e985dbf9661a20a97bbcd17
- SHA256
  
  c067f73eb975b4c32bdb72ccd3de336ebd51174d7dd253514c9f24cb3368bd82
- SHA512
  
  24c56c3b1fd94b9775392974b17bc1b0bb1c600bbae75adae9a9ff8f3a7b5b4a73129e9a10ba5ff76cd6eb2ad33133bf2eea537a74254df5f11a7ea30c3f5e85
- SSDEEP
  
  98304:D+fNW4VioFqWwyxckT0W2FvKkuDnHnlTbmUbym0WRP1HjI+d434a25isWb:SfNW4Vio0pyxckArikUnHnpbuQtjf4tJ
Score

1^/10
behavioral19 behavioral20
- Target
  
  NAudio.Asio.dll
- Size
  
  33KB
- MD5
  
  883e5153b0d9ac447015c23446c2d31a
- SHA1
  
  4f13ebd4923b0411417a029ab89b6d7a02bd88c5
- SHA256
  
  2d803671990dafcfedda2883f4c7811c6de9d830596433ec48af5a114c7128ec
- SHA512
  
  711082327542d5d56b93d69c5650d752f52e68e192e409e903666a5f2c31f98a8336c6ae9823dea53257e0fe7aa9775d74b4c116aeaf5b3ca20a709adf46c75c
- SSDEEP
  
  384:j9hsa/6sN0KYB/aIDP9b4xkofM5zHJUg7HnUeE8rtCumaf7c76+Ghjq8D2yBb4Gw:j9h/8NZDPKGcM5zHJweE4Yb6ttD3BbK
Score

1^/10
behavioral21 behavioral22
- Target
  
  NAudio.Core.dll
- Size
  
  183KB
- MD5
  
  bc0a96668c76a6b382d3e7f9dd5bc5ea
- SHA1
  
  cffb0f104264f04604a44e5965e534304c2b647f
- SHA256
  
  171fe65c30b2ac757e8047dc69bf5bd772d1eca920a2f086f127e06b4a10559d
- SHA512
  
  1c6079fd42d1147fb26b75d9bacd23f1340543fc6daaacc3ac3dbbeeebd1d3e24604c9fd49fc432991dc632a5a370164b3b178864366a4db366527dd85a0e5d8
- SSDEEP
  
  3072:mIJAvGxxPwkHFkpKRdYq2oETRBrRK+7VROY1kquSwsM+S7wl:DAGx9wkHFkCCTRBtfVR7m9U
Score

1^/10
behavioral23 behavioral24
- Target
  
  NAudio.Midi.dll
- Size
  
  45KB
- MD5
  
  4ab6718c9c90f208f8850d947972b8ab
- SHA1
  
  a5ebb0fa0ef611399069ed3ecf12ff45bab6607a
- SHA256
  
  426a5546f69be5683f8152f0ab1ee9f531bf41b3bbbaa9766ec963a25fef9bff
- SHA512
  
  a598291203c40ed70d0570d9c21b7acada58c094dac4f354addb0d04570deb61729848ba0418a18c5ac6944603d7f6dfbeb8f6b497d986d7366129515b447287
- SSDEEP
  
  768:jwWDUSfzw3fpAU/rEC9iLAOQKKdMsMNjxhJU1Vyae9iWvmYRMUQ6LUqu5/EAS7B7:jwWDUuzwiU/gC9GAO7KdMsMNd3me9lvX
Score

1^/10
behavioral25 behavioral26
- Target
  
  NAudio.Wasapi.dll
- Size
  
  163KB
- MD5
  
  77139686699ccddbc4bb96e5d0d2b499
- SHA1
  
  08050fe150577578cd601e3ef374c75ea31b88ba
- SHA256
  
  5739f09678a761057669744fd9d1a740062c6bc81de1cf83ade2941cbdb7129c
- SHA512
  
  998b938070154ab48befe4ae0a477cbb98aa1ae335faca69760520fcee0296098f505c5ec0fd33a037b4d0d44a8c805313d5d8421f6b63227291a0e530aea246
- SSDEEP
  
  3072:frfbQ2pEzV4ulBy8R3L7nDzkku9SMLKASPIzj7FDEfsH2nEs:frfb0Fzt/kXiIf8y
Score

1^/10
behavioral27 behavioral28
- Target
  
  NAudio.WinForms.dll
- Size
  
  33KB
- MD5
  
  602daf03ff42b5458f7370d5afff0b2d
- SHA1
  
  ecd5bfbdf580d2ca24cc6a582318277b96dd8116
- SHA256
  
  d401d592dac89bef697ec86d502bbd14f59ee56fb23f9dd789cd1dd589d5eb8e
- SHA512
  
  fb1bc40b83e11b785ea91b94f250ba71cfd3bf636d4c41d54d3acda1a18d31b237bad39ff2c5e71501edf87ffe2e953673ee5385287e781a0123e69fe5a216cd
- SSDEEP
  
  768:iNMJ4j7TupqLRpDaf1VCPRyb4DmHsRlT+Xee:UuiRpUMEb4DmH1
Score

1^/10
behavioral29 behavioral30
- Target
  
  NAudio.WinMM.dll
- Size
  
  56KB
- MD5
  
  627c00235a3b9cc98474d6f734c3fe7c
- SHA1
  
  f7bfb35abb9e237f4d565be0cdc0861244fb0473
- SHA256
  
  bf0528fbcc844872734eec0b72c176409f4928e7cc12d379d06cb4e0469ebc99
- SHA512
  
  3ada363575cb774d99ecae8773dbab244f65d4e059da610345ddd2e69c9cb11adc320b296422a5346621a026709681f83c9a1919d39fdc46a80f35a8b4cd0b25
- SSDEEP
  
  768:kQFu51JOtZiWr3CJBTNgUEXahPrDVSve+u1tlMgGd8GbpDrXa8Rcer+7Vls:kQ8zrWr3CJZNGahP9Sv1u1tlufpDu1s
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Drops file in System32 directory

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32