fa09d24d7481dbdfc1cff6aaa92d2aec908e037a22a02346f6feeee5d6ba688e | Triage

Sharing

General

Target

winamp_latest_full.exe
Size

12.4MB
Sample

240908-zxbjasxfpe
MD5

39b72e2cbf2fb8da961538de3e892eba
SHA1

237ce8611cb8e2ede8a5d6b982597f7e93b2cd81
SHA256

fa09d24d7481dbdfc1cff6aaa92d2aec908e037a22a02346f6feeee5d6ba688e
SHA512

36e8b9d759d960390e8f1b4ac420d591204cb95a776be668db365c453cb702cadee9b34c03779044fdc04c2d2929ac542e01bba50094f8352e2724a082611b59
SSDEEP

393216:udNH1gz1+ZUUG9NWpHYV6ohIBfqHts7UU2wP3:udZk1vUG964V6ysUs7U/u3

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  winamp_latest_full.exe
- Size
  
  12.4MB
- MD5
  
  39b72e2cbf2fb8da961538de3e892eba
- SHA1
  
  237ce8611cb8e2ede8a5d6b982597f7e93b2cd81
- SHA256
  
  fa09d24d7481dbdfc1cff6aaa92d2aec908e037a22a02346f6feeee5d6ba688e
- SHA512
  
  36e8b9d759d960390e8f1b4ac420d591204cb95a776be668db365c453cb702cadee9b34c03779044fdc04c2d2929ac542e01bba50094f8352e2724a082611b59
- SSDEEP
  
  393216:udNH1gz1+ZUUG9NWpHYV6ohIBfqHts7UU2wP3:udZk1vUG964V6ysUs7U/u3
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/Dialer.dll
- Size
  
  3KB
- MD5
  
  adea8024c99d7802fa3c9e5d34877aad
- SHA1
  
  4e015a5be3e668aa3e9758370413f2bb8ec5ad1a
- SHA256
  
  242b6aeb759e31b64e014e3df6b5c478fb309d56b4df8cdb59b2cd03bfa77db2
- SHA512
  
  717a9f08842e96e9395fe8fff19138d7e599e3dd4f44b7b55d9be86211f20cd89a1d315df1f241afc52456da738623401ee721b17e9fd5949fe1decfc1b2819d
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  4KB
- MD5
  
  1be3fc5971da6f9b86843d0763912fb6
- SHA1
  
  e921bfa5b330102630420007a63fde0c439f0cdc
- SHA256
  
  89ed50600e7046184f80b2a20b5299f35a0439fab1ad1f9f5fc55606955b6186
- SHA512
  
  99e5a4e888c6cbd2b67464162516aec5a564447fec389012acd8873aa6312020bfe5f0d68e83f54a7320355c5f828f7769f666d5cfd12f2ceed02a6d5b66dc4d
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  68b287f4067ba013e34a1339afdb1ea8
- SHA1
  
  45ad585b3cc8e5a6af7b68f5d8269c97992130b3
- SHA256
  
  18e8b40ba22c7a1687bd16e8d585380bc2773fff5002d7d67e9485fcc0c51026
- SHA512
  
  06c38bbb07fb55256f3cdc24e77b3c8f3214f25bfd140b521a39d167113bf307a7e8d24e445d510bc5e4e41d33c9173bb14e3f2a38bc29a0e3d08c1f0dca4bdb
- SSDEEP
  
  48:S46+/nTKYKxbWsptIpBtWZ0iV8jAWiAJCvxft2O2B8mFofjLl:zFuPbOBtWZBV8jAWiAJCdv2Cm0L
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/ShellDispatch.dll
- Size
  
  4KB
- MD5
  
  9c266c2dc7eca5bcab2d8df4990e0c1f
- SHA1
  
  662da3d9ca18aacdbaef884065fbfffdfacfabfa
- SHA256
  
  ea7800b89e49e7d7214c1405b4906f366096dfadff28d0732acb90ab2e9a99bd
- SHA512
  
  e9318db79b02df6b3b72ed16c5d70e4b46bab71f31544ce0323cd6dae739be1948a9d3a468977d703576d7f33580e3be5d1d1ace1fb29cee9dfe325c6e828139
- SSDEEP
  
  48:SEhtu3nH1xOKMd3afu3fnkXfaq7qFBtHugUhA:fu3VxOhham3Afx7qFDHAA
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/execDos.dll
- Size
  
  5KB
- MD5
  
  0deb397ca1e716bb7b15e1754e52b2ac
- SHA1
  
  fbb9bcf872c5dbb4ca4c80fb21d41519bc273ef5
- SHA256
  
  720be35cd1b4a333264713dc146b4ad024f3a7ad0644c2d8c6fcedd3c30e8a1f
- SHA512
  
  507db0bee0897660750007e7ce674406acf9e8bf942cf26ded5654c07682757b07c9eb767bead0966478abc554dc9a6461c4288dc35d12cacfadad4c128f1bb7
- SSDEEP
  
  96:J++xDiP4p7t7dNOt3stxtRFFXxGD6qxlnKE6ttdH3r3:Rx9pJ7jQs5toD6Cln/6tt1
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/extstrip.dll
- Size
  
  2KB
- MD5
  
  720cc2e5a1f83a7db72e009353f21ac0
- SHA1
  
  4b6ec18d4971738cbd9ba42211f51d5295f86002
- SHA256
  
  89e8931f2adba8aa67ce199a510965fd51ce430acf067478910c5b622827e08d
- SHA512
  
  a17fec91066e1ef7f1ef39b61cf077481dda12204690f5006010c9bfb1899721d10c22c3a95a7f6276d2689380eea93e32a45b24dd153ee9006c79ddb70ced80
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  6c3f8c94d0727894d706940a8a980543
- SHA1
  
  0d1bcad901be377f38d579aafc0c41c0ef8dcefd
- SHA256
  
  56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2
- SHA512
  
  2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355
- SSDEEP
  
  96:o0svUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3YcNqkzfS:o0svWyNO81b8pCHFcM0PuAgkOyuIFc
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  7KB
- MD5
  
  675c4948e1efc929edcabfe67148eddd
- SHA1
  
  f5bdd2c4329ed2732ecfe3423c3cc482606eb28e
- SHA256
  
  1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906
- SHA512
  
  61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683
- SSDEEP
  
  96:J9zdzBzMDByZtr/HDQIUIq9m6v6vBckzu9wSBpLEgvElHlernNQaSGYuH2DQ:JykDr/HA5v6G2IElFernNQZGdHW
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/nsis_winamp.dll
- Size
  
  4KB
- MD5
  
  1e1ded1cf1c69852f2074693459fb3b5
- SHA1
  
  81b165cae4d38a98760131989fdd8aed2c918679
- SHA256
  
  5946278545abbd0b0f5188752fe095e200c85abe0783632a00726d090c0753ec
- SHA512
  
  a6f9a43d4432658c3504629e9209ad350af69eff542d139e0ccfe0dbf8662f15034edd3cf8b56d606a740b66c8221cafad999088a4e64a4c9c9fb47793a19f96
- SSDEEP
  
  48:SEdAWvTa5HlE1m198EqtjbglT68HY06mzWB+wUKCmMpzm7n4/ZS9:LA2a5Fcm198EqtjMlv47mzWBVgaj4/w
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/nsisdl.dll
- Size
  
  15KB
- MD5
  
  ee68463fed225c5c98d800bdbd205598
- SHA1
  
  306364af624de3028e2078c4d8c234fa497bd723
- SHA256
  
  419485a096bc7d95f872ed1b9b7b5c537231183d710363beee4d235bb79dbe04
- SHA512
  
  b14fb74cb76b8f4e80fdd75b44adac3605883e2dcdb06b870811759d82fa2ec732cd63301f20a2168d7ad74510f62572818f90038f5116fe19c899eba68a5107
- SSDEEP
  
  384:7py18oahashajPmIYInUJggBOZgAHhUKijb:7py18oafmeggBOCAHpij
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  Components/ssdp.w6c
- Size
  
  31KB
- MD5
  
  80e53207d1f5f684b098bf70b66c34b1
- SHA1
  
  848367ff79a68319c9211abfae289a3802a809f6
- SHA256
  
  dd55372e906699c3e35f02313736f74a13d1e526d0b9620cadb70d57e530af63
- SHA512
  
  cd7e0b59a2eb0ccf164e958e758d53646dd6a229a67cb37e2d524fb36d19116117b7390a368bc47043faf407d788e839aee20f501b7c90d367515acdf65690ac
- SSDEEP
  
  768:mZsCH6rVPhn8cIdHbiGFCglWMEpYiTPx3//:mZRUVPh8cINbiGFCgq7TPxv/
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  Elevator.exe
- Size
  
  97KB
- MD5
  
  59803a5bb88b88a6d83342eeb3816ad9
- SHA1
  
  cafa43cacd584deb0d54ac31ae9030f90455c6b7
- SHA256
  
  a8e9655510906994fdef3993bebabf0a5e0b6604f02c0ccc28fd31be3aa684bf
- SHA512
  
  85038570bb2fb39e7ee8994ccb3f8f9203c0d8360fea889d238c13b3b49a7ab85488edd01d3ec7e37288ffbd0db7e84cfe0353e199289a854311d27990cb9eea
- SSDEEP
  
  1536:S8RRcfSJKxaWWWxVz7MW/UXFue/mu67TPxvn:S8ZJKxaWWy57eVue/mu6fx/
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  Microsoft.VC142.CRT/concrt140.dll
- Size
  
  237KB
- MD5
  
  9ad549c121108b3b1408a30bee325d08
- SHA1
  
  898ffc728087861e619dababd8e65cc902276d06
- SHA256
  
  263975e4f5afc90e91f9f601080b92c9fbc5e471132f63ad01c6c4f99b33b83a
- SHA512
  
  9a9005acf2af86d6a0a95773e968d98e90b7e71e8e71d58949ff51aad49050dca57d94a19671b1b5026bd74e7b627f31d0c8a50bb66ab740d629022c3a95d579
- SSDEEP
  
  6144:aLy1UNAZHA2nSG5LbEcutDsSaqiOHYb836TLLOeHFQyS9uLms12z/NpJ9yne:2hkH0Yb83KLxmuLmdzoe
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  Microsoft.VC142.CRT/msvcp140.dll
- Size
  
  426KB
- MD5
  
  8ff1898897f3f4391803c7253366a87b
- SHA1
  
  9bdbeed8f75a892b6b630ef9e634667f4c620fa0
- SHA256
  
  51398691feef7ae0a876b523aec47c4a06d9a1ee62f1a0aee27de6d6191c68ad
- SHA512
  
  cb071ad55beaa541b5baf1f7d5e145f2c26fbee53e535e8c31b8f2b8df4bf7723f7bef214b670b2c3de57a4a75711dd204a940a2158939ad72f551e32da7ab03
- SSDEEP
  
  12288:/gO0BGzePo6+J+4P0xYv7IQgnhUgiW6QR7t5s03Ooc8dHkC2esKcWKe0:701Po6+J+dxYv7IQgk03Ooc8dHkC2ezc
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32