Resubmissions

11-09-2024 18:46

240911-xe5y3swfpp 7

General

  • Target

    Dolby_Atmos_Setup_and_ControlPanel [PeskTop.com].rar

  • Size

    11.8MB

  • Sample

    240911-xe5y3swfpp

  • MD5

    389125e12835847cf559f0d797342db8

  • SHA1

    c9b9b9a1f0b673797254c3b30b32ff075401975b

  • SHA256

    e7540e416771a4532807a975e55c934110fd0d1f906d08a400b133e94bebe4c9

  • SHA512

    b8701fa9bd28dec31f620e0ccdd237b7317566b71b876535c1cff60266e9c77e5b6909b7d2a5053e354acc2bed885669f113e81d5170addb94602216fe64d00a

  • SSDEEP

    196608:DX815W0qNzvNdYk5axsXhwd5L6qljcKe6hrYO2xAeb9IxNlQwdBRNoRA5F+G1kY:DX815WTNdYDxowDLwKe6J8ieuxYmBRNt

Malware Config

Targets

    • Target

      Dolby_Atmos_Setup_and_ControlPanel [PeskTop.com].rar

    • Size

      11.8MB

    • MD5

      389125e12835847cf559f0d797342db8

    • SHA1

      c9b9b9a1f0b673797254c3b30b32ff075401975b

    • SHA256

      e7540e416771a4532807a975e55c934110fd0d1f906d08a400b133e94bebe4c9

    • SHA512

      b8701fa9bd28dec31f620e0ccdd237b7317566b71b876535c1cff60266e9c77e5b6909b7d2a5053e354acc2bed885669f113e81d5170addb94602216fe64d00a

    • SSDEEP

      196608:DX815W0qNzvNdYk5axsXhwd5L6qljcKe6hrYO2xAeb9IxNlQwdBRNoRA5F+G1kY:DX815WTNdYDxowDLwKe6J8ieuxYmBRNt

    • Score

      3/10
    • Target

      Dolby_Atmos_Setup_and_ControlPanel [PeskTop.com]/Dolby_Atmos_Setup_and_ControlPanel/Readme.txt

    • Size

      378B

    • MD5

      3f51ad7312623072765eca794e7e91ea

    • SHA1

      eef453287ce5e50cd68559b5bd8edea1590ceef8

    • SHA256

      f98d7b8c21832765e14504ca4a7c32f71e54f7eaf05b481cad2a195f4850bfba

    • SHA512

      5d87b6194b33f55082ed2a91802c9103e0d924ffbdfc06e585e0e2f154fa92eafa61027df4679cd527f348d3834edf105b5be2de7ae06c77da26b2accdf9f920

    • Score

      1/10
    • Target

      Dolby_Atmos_Setup_and_ControlPanel [PeskTop.com]/Dolby_Atmos_Setup_and_ControlPanel/Readme.txt~

    • Size

      360B

    • MD5

      73c03b6d4f97a68da6bd76cc2da9b054

    • SHA1

      dbc4f2fdbc108fd96a6bbecb958d3d2ad2a4f503

    • SHA256

      0fec6abda33042e7a9cb9b38ef36aef21103b46822f13942a72a3443a0d6bf4e

    • SHA512

      61e64fecf01cbf72c9d34a472611758f032ac43bc049679259ed0b6a2496e14e6b0c3f987e066388b17abec7d8da34a4e5647c27a81d1f79db8c0e78156d1276

    • Score

      3/10
    • Target

      Dolby_Atmos_Setup_and_ControlPanel [PeskTop.com]/Dolby_Atmos_Setup_and_ControlPanel/Windows_10_64-bit_basic_driver.zip

    • Size

      2.7MB

    • MD5

      1fb4eb3943213adae82e317d1d63f6da

    • SHA1

      fceac3122cdc3949eb6dc927522c816d6f0545d0

    • SHA256

      a4f54f05c88d332500c769257a78c51d55fa8ae6d7b3433863b92393c74f6742

    • SHA512

      c6f4e5944efaa056f40340fbabc5315a8eeba4b3df8db009aba23f34d351b66477cfac8dd83ec96484f80eb6d36af631ee209974759fae4d8866bfb045480ede

    • SSDEEP

      49152:NCXRtIxSYnJOoe7yfNnHYKVMmU1mRGQjsG2PdC/lzGiXDmFbImWEkuv4wHcd1sFz:kIK7yfx4KmZm00IgwiXG8mquv47dAp/p

    • Score

      1/10
    • Target

      CaptureStreamMonitor.dll

    • Size

      611KB

    • MD5

      455f88f500cbbc1e53b137f50ec67757

    • SHA1

      db4673cccfc5bdef5e02daa2af7c1a67ea7ba10d

    • SHA256

      5d10d2bfbfdd1d01276cd4b319d357301927601c51f0dcf129d9e6e52191e1d8

    • SHA512

      592c24cfa8ee192464994c5033247768fc2bd2311de2a57e26ddd159e7837e47b7ff7e664f79958deba4efbfb299900728de275f7959759c1131edbbc8ee3917

    • SSDEEP

      12288:7CPk2jPs1WZrd1TqY6+HfvlZhjOXwZoocDLXmhkEqy:7AkrWn1b6+Hf9ZhjOXXtCeE

    • Score

      1/10
    • Target

      DAX3API.exe

    • Size

      588KB

    • MD5

      063a29d4c97621a2d7512818f6cb10b2

    • SHA1

      76716ecdedbd35a556ae60ff2617696172565e52

    • SHA256

      2a7fd9eb17ae54c2ba2c73aabad13998e2405e009816e00ed6d4fc66569bce3a

    • SHA512

      ebe81116ecb55c07fb144270844da47a2500ee0f945b47399c2d90cfcfdd9b636e067f181e6d994489ea829db189f21ea6e54a7fc67b51ea2200b506d75ae0c7

    • SSDEEP

      6144:CreVUYn0f2UqClJx2hbQkY7MiejyLR+GxdT4GOoY/woBJmFQDF1NKW8WI8pmDTmI:CH++lyYIvjGxZ7gfX48pPym

    • Score

      1/10
    • Target

      DAX3APIDLL.dll

    • Size

      154KB

    • MD5

      31ff5ea4aa14382736a9535de7d63f9f

    • SHA1

      ed1fca78de6454249b2fc222cf75ab3179f3cd84

    • SHA256

      388d96ed3f44b5b073ac6eb78d12326a686c9666f6f779468074433accdec512

    • SHA512

      0a7aad9dc4124053b586f05a4ea38d2ea8bdcd71b5ae2efb86448a6eba8654b0476a7389098dda3b32155b18b25502a7e25e316000c73d1fda6868fc48601b95

    • SSDEEP

      3072:wYNirZGeASQ8iLaMI/Uw6U4C2H354tkM7Y8fqEvRrNqw:4AnLGso4C2H354tkM7Y8rVNL

    • Score

      1/10
    • Target

      Default.xml

    • Size

      72KB

    • MD5

      b918a7492cc90737d599eda10cc858ce

    • SHA1

      f514625b0dcaecaad7cafc1ef1011e01e5f24fe9

    • SHA256

      bf3c22e715534724e8864a8de00c90cad4afbe052f171c7435aaf28556739298

    • SHA512

      3da24cb9e929e8fac9427f5a5e76aa7be6b064771316eab0085a772c01bec61525ef2bfa6e4b0a910376d4b469bec5b1f978bccf9f69df98d93d0696ab87460f

    • SSDEEP

      384:gC+6WujBDctLMmeYCDctLMmqZCD6tuMmzYCDltMMmiYCD6tFMm0YCDrtxMmhYCDc:j1A2A9fRcCewlTlelc6r

    • Score

      3/10
    • Target

      DolbyAPOv251.dll

    • Size

      1.5MB

    • MD5

      0a88b532066bc39fddd011a75b94a75f

    • SHA1

      0d1e2440a3a7eb2fdfe1fa60bed8c3bd1cb1c530

    • SHA256

      5856eeffd817fba185b0a53b1cc27cd854c32a6d49c862587a0dd2cb1f22a9f5

    • SHA512

      b1237c0711acd66c7e97d3e2528b9f25c8a6029ce26dd45edc823e2d3061cc1d1f0dde3fbbec2814869b50098ee5d95be14800fac71392a1c650d9df84dac7f9

    • SSDEEP

      24576:h9pZdzyED/D8laLI2Ej0NCzweLRUFGveSznS7i9RHJMXq3yBwSqawO09+00atW/8:hnZ8uD8laLI2Ej0NCzweL8SrS7sdJgfg

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Target

      DolbyAPOvlldp.dll

    • Size

      1.2MB

    • MD5

      a5a8c0672ed39d9dbf30813e806378dd

    • SHA1

      b620c4a65e034be5b39586917137202df9a84127

    • SHA256

      5ba95f61980c4acedff3946ea14d77194ae8b38742989465a29b0b89c964bba0

    • SHA512

      ba358b89a89696c0cc327f0dd1e9bc7ef1afd3300d3513852855aff62fa553115b8cb6e7372dafd6952cbe4562c65306427d327d743f64dc89fc066bdf11ca95

    • SSDEEP

      12288:9J+/q0iTyDaDQ6aEXk7Nq5CPV7ad93iLOtRkLFy60wzauoBfeQYdoY7:9J+/q0lDU3MP8z3iLOts5Tauvv2Y7

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Target

      DolbyAPOvlldp120.dll

    • Size

      1.4MB

    • MD5

      065519b0353217f21554d6bff26fffbb

    • SHA1

      8ac10c163c77f8573315ee3e3bee0106aefe4662

    • SHA256

      e8e4ff12241000f7be4a1c7eb92df63006def111f627028634edaf967bab9b97

    • SHA512

      3f07cdf8fc0ef0f984fb4d2f947ffec54783be74dc20481b801f999cd3d95247660e1eaf05fb11e568965a929ffe8d66cbe7b8adf9672f9e3938b122e8502203

    • SSDEEP

      24576:XwUFGvCKC7Detp4cHxDqzU6EXOfLY6Y8A57sz7Lyj46K3NP22suMJn:Ytp7xD4U6E+fLA8A57snLyj4NPnY

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Target

      DolbyDspVlldp.dll

    • Size

      473KB

    • MD5

      e24cc16cd31289615ca2fd27696d8822

    • SHA1

      13533fee4b51ef84a5d53ed2a625e58f8764b14d

    • SHA256

      ff2b2492ed41ae2588c876fb96f01b9cec22a1a27be06b9a692732455e3d1aa6

    • SHA512

      4148daff69e7942a99978905130c5fcb5c64beafb4ca399d0a0104f5167b392c753123a0871a540c11921dac685bde6f6da6689a660127f54f3ca7ef868d2af1

    • SSDEEP

      6144:gNSYIn22TNmhGUFSilJUlEAmpbJveBCf7ErCxMDC6X89LohaUJngsKohcJZS/vs:iSYMTEjFJcEl37c9MtoBJgLYp/v

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Target

      Headphone_Default_Generic_Default_DolbyAtmos_vlldp1.2.xml

    • Size

      73KB

    • MD5

      051efc890985e83b491715afa496866f

    • SHA1

      5f3b4272120f17ee168e21cbc981da14eab2df8e

    • SHA256

      98405d7fa307c188e508c55e7c18c7a569e52749687446aae4852ff6f30db42d

    • SHA512

      6f3b7afaf6914d101253a802629db727f2be56dbe597f1a5855ff50ee3336cdbd76842ebd196d2cf67eb0bc74842f58f13760952e0d1023946c45c944227bad9

    • SSDEEP

      384:gC+6ajBDctEMmcYCDctEMmYZCD6thMmtYCDlt5MmkYCD6tCMmCYCDrtGMmbYCDr6:jmtYtrI3fgJisZsgsqSr

    • Score

      3/10
    • Target

      Headphone_Default_Generic_Large_DolbyAtmos_vlldp1.2.xml

    • Size

      73KB

    • MD5

      3dcf704e6fa2b78645eccd1715e4bcb1

    • SHA1

      65117aabbce80f98827885aab39a7544f99183c5

    • SHA256

      cc565750109ce3d87bcea5588f3616ea859955daab0954daa09b1d0c45d098a2

    • SHA512

      6a32a26c58ebc48ce13b097cb80536929c839a1b946ca3cec6016f3bceade50ea25fe3a8ab3ff35af1d44a68fc9954b5f245915d23f64fff7be52c6675222350

    • SSDEEP

      384:gC+6kjBDctEMmcYCDctEMmYZCD6thMmtYCDlt5MmkYCD6tCMmCYCDrtGMmbYCDr6:jAtYtrI3fgJisZsgsqSr

    • Score

      3/10
    • Target

      Headphone_Default_Generic_Medium_DolbyAtmos_vlldp1.2.xml

    • Size

      73KB

    • MD5

      2d1ff1f0c0bef00b6b10ff74b4f2f461

    • SHA1

      26f2000e34ebaf8af837f89e384d641d050db466

    • SHA256

      64044d0326ce03b68fc5e7b3b9217db09b5c9199dbf07b7b8e354e5732e3c0ff

    • SHA512

      890cc3bf33db63adffca1d4fa38da3c98bface87928a4cacbebc80fd16b40c1ef877e950290bdb96af7a49ab33fb294b93874465091064844f7dd991e53b8d5a

    • SSDEEP

      384:gC+6QjBDctEMmcYCDctEMmYZCD6tZMmtYCDltRMmkYCD6tqMmCYCDrteMmbYCDr6:jUNYNrI3Hg5isZsgsq6r

    • Score

      3/10
    • Target

      Headphone_Default_Generic_Small_DolbyAtmos_vlldp1.2.xml

    • Size

      75KB

    • MD5

      4295c9bdba518a2dfc919ac23842c6d9

    • SHA1

      92a00707578e7fccc7bb2df66943efda77601e23

    • SHA256

      6fd5c792235e4b6c5de29e2099a3dcc4490b7db41442b3241528daf58ccd994d

    • SHA512

      5cb3231c72188c0d875b3b5f35b2a13265ecc5dcc4bd95140d37c070fac1618cc3b6ad914e0be54ba2ed2ad2d5df28294bbf63c0f5e5c90b7f34c29681eea460

    • SSDEEP

      384:gC+6wjBDctEMmcYCDctEMmYZCD6t5MmtYCDltRMmkYCD6tiMmCYCDrtWMmbYCDrC:j0VYVrI3HgxicZcgcqar

    • Score

      3/10

MITRE ATT&CK Enterprise v15

Tasks

  • static1: Score 1/10
  • behavioral1 (discovery): Score 3/10
  • behavioral2: Score 3/10
  • behavioral3: Score 1/10
  • behavioral4: Score 1/10
  • behavioral5 (discovery): Score 3/10
  • behavioral6: Score 3/10
  • behavioral7: Score 1/10
  • behavioral8: Score 1/10
  • behavioral9: Score 1/10
  • behavioral10: Score 1/10
  • behavioral11: Score 1/10
  • behavioral12: Score 1/10
  • behavioral13: Score 1/10
  • behavioral14: Score 1/10
  • behavioral15 (discovery): Score 3/10
  • behavioral16: Score 1/10
  • behavioral17: Score 1/10
  • behavioral18 (persistence, privilege_escalation): Score 7/10
  • behavioral19: Score 1/10
  • behavioral20 (persistence, privilege_escalation): Score 7/10
  • behavioral21: Score 1/10
  • behavioral22 (persistence, privilege_escalation): Score 7/10
  • behavioral23: Score 1/10
  • behavioral24 (persistence, privilege_escalation): Score 7/10
  • behavioral25 (discovery): Score 3/10
  • behavioral26: Score 1/10
  • behavioral27 (discovery): Score 3/10
  • behavioral28: Score 1/10
  • behavioral29 (discovery): Score 3/10
  • behavioral30: Score 1/10
  • behavioral31 (discovery): Score 3/10
  • behavioral32: Score 1/10