Resubmissions

09/11/2024, 19:28

241109-x6zldatkfp 7

09/11/2024, 19:23

241109-x4at8stkap 8

General

  • Target

    sunshine-windows-installer.exe

  • Size

    11.1MB

  • Sample

    241109-x4at8stkap

  • MD5

    8312c5f6b4975bd773854ed2a60ad055

  • SHA1

    6993de295c40c9fc81730eec58e0c32b9f6f159d

  • SHA256

    5608a618bc19fa3e21e6272d91d6443512da3c3965bd62e18092b4c7ec07cd29

  • SHA512

    a09a0009638f871fa4d2eda7863ab53ba1ca8ab8af2d5730a4c84475420faa45aaf3e20dc9cf4ee2b57097f35b6886d5ecb25a1731d0faa37027b90107e42bcb

  • SSDEEP

    196608:G3U2mDrnyHvZHyrKjS5/DAeT6LC6Gu9WP8EeszDQspgSV/p9gMsy8:YUlIv0rCOrNOWzug07FsSSVey8

Malware Config

Targets

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      30KB

    • MD5

      ff6cb85adb441e639dc58948651d54d2

    • SHA1

      2ba0514b1e64ce4c13c987c30f1b6e61225f192c

    • SHA256

      bbd81555abbfeff33aacdc8c34c307c2eb680953c7f4c4c02b20a8fe10e88bd6

    • SHA512

      bf4c8e862b548011f7d465c82d3c4bc84e7836c4bcd943ffa6dbfbe95d43fc355cf00936cfc4db34822906212bbbc69271f356b74d70051b52cfb9b74f58149d

    • SSDEEP

      384:1/YECOP6qzJH9pBaCxuxux1EnQKGwH1BeIkuK3TqN1fbBxDj0OLxmnWvL:1YZqzJH9pix1NVBnkYpbBr2

    Score
    1/10
    • Target

      $PLUGINSDIR/StartMenu.dll

    • Size

      11KB

    • MD5

      3e60c0b440b1ecc21d956e83bcba0976

    • SHA1

      8fc85b2d7b4192105afc73dec15d49280345e474

    • SHA256

      135e5a8272b9732d4b9a798b29adf953b4fe4e802b3f6178896ada530d4ecdfb

    • SHA512

      57c879668f28d29d45b91538e27fafa9628881e1423673402579cf670a5a3fdc3b03abb19feea3655969ce8789e18f70508a78d26174add767738821557a8354

    • SSDEEP

      192:JLB7OopThbgh9Yoo6sHUzKXW1kOUBo5Boz9c:JLB77p6h91s0zKGWfc

    Score
    1/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      25KB

    • MD5

      853d33d653fb8622e5fd1aa862d07aa0

    • SHA1

      310561cc0f30657974ab627a2341adfcec84ab92

    • SHA256

      dbeb911118606a36e430e8d8be39e944b80167fb81ccd11c56afafb25747e633

    • SHA512

      6d944929b0a4350aba32b28ef9f26d6c8f1a7c44aade158587829101a110ac7d892a9c5ca4ce60945c8cbd63eb0df63c3e8785c871e85ad22635f0ac80dba70a

    • SSDEEP

      384:YQi8KP2WPZVVAfsjFMOpIVKGdDWG0OkuK3TZupbm:Y+KP2zEjFMTxWG3kbu

    Score
    1/10
    • Target

      $PLUGINSDIR/UserInfo.dll

    • Size

      7KB

    • MD5

      8e1998776ffd1d578a80d603c55721fc

    • SHA1

      48ff2d677739d0f34f6c8cda41258af3989f534d

    • SHA256

      7616de346ee28e4314d8a5bf67575c0010b1b07c93c6c29798f9106589ba25ae

    • SHA512

      90c0800e485bd56177576b1d245457427d15b81b475eca4154a65225b82fe9c2ae7f07b07d48a61a3f622c4b2a2cb0b834a5d0b0b895f5bbf88b5bdead2257eb

    • SSDEEP

      96:CMa252x1kO2TPrdKXW3xOgHdjOC2gwNQtyrdUyJx1XW:go7DJKXWDSpJ

    Score
    1/10
    • Target

      Uninstall.exe

    • Size

      216KB

    • MD5

      72afe51d21698444e3904aa941f7b7d2

    • SHA1

      84aa50e5c9904fb86e3d552ecf7bd06229fe0759

    • SHA256

      efe7751908e2c66a1b2de3ca8891836eb66249a2e357b6daa2ba0aad78b19a43

    • SHA512

      c61786714a626081d05907dc49d90eeebaa20fc7e65bd8e805ddd92a9274ed909ea59b69741ad47a79bb71bff9fc20039c071b35f896da0903e7f0d60b327a0a

    • SSDEEP

      3072:6paNicumFWpTV98xQT+5U5owpwSaceApxleMkoVetpTG4nDKH3fk0amO:fN3umFWfB0QOSampxlHkKe3DKXfkz

    • Modifies Windows Firewall

    • Stops running service(s)

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      assets/web/assets/_plugin-vue_export-helper-fe085d29.js

    • Size

      320KB

    • MD5

      6e699a8fbb7fec33cee7e5e64fbae632

    • SHA1

      f7a873a9a4db0c54910c295851d4addc839ee3d0

    • SHA256

      f409345f492f984e9158de11fce4e061fcf4f0af87e55c4e17773c13c6965a84

    • SHA512

      543d241fcfae70afaf75d4ed389be66cb3e9750786c07f1967d8a9d6f57d10d2bba52b0647d5ea8cbd6c2cc24a5e90ff5f46070257822c3c7d34684d363d256e

    • SSDEEP

      6144:Nf73RnuBbRqJ3jyDEldItvtq0Sd8fYWOY/ZUz1TnkU9N:Nf8Bbu3jyfrqQfYW+z1TnBN

    Score
    3/10
    • Target

      assets/web/assets/apps-966a1e70.js

    • Size

      83KB

    • MD5

      603381020f0223c89acf91351023cdea

    • SHA1

      1915905232f6747d8dd9c57f2ebe966704aedb00

    • SHA256

      474e52706ea30e7c2521004bcacdc5d36ccfbfe9c21e838b51ce2bd729d24007

    • SHA512

      66068ca6b7bb335002d01edb448312b3cfe7c46e22000c94604dd9af9a5057e33c11f31cb131f7623ef48c5694e6370c2f2685f4ab0852268fe935d2504f3d01

    • SSDEEP

      1536:Y7xCnNy1EScECpFCW4zsfwVta/KbXFeTxXcaxD94VD4GomTIxnHHSV6Lk:Y0IzrFeZcu94VD45/xnHyR

    Score
    3/10
    • Target

      assets/web/assets/config-f4fb6dcb.js

    • Size

      4KB

    • MD5

      ac71847ca3ee0008800c9802f1c72d8f

    • SHA1

      db571b16ee3b479591f4990baab3fb66f9106ba0

    • SHA256

      dc9e7fbdc9b5f6400a57d66640741ead5eb546aedf28b7c14f5398a064c21b4a

    • SHA512

      78d98c4f69ac484c683df5f8e7e811523b0ad5ea39aabe69d865843bede7ba21792567c5c2d2a05a9b9ebfa4ff693ad376e02c304cad17e225a2c54819b29641

    • SSDEEP

      96:5Ul/J2Xqdh9nWCbwUxnV3fTEHuQ4OiDGdzC3ss9HLnfzQcG853lx9Ri8DMHKhkYj:5Ur2XqL9n+4vAHuQ4OSGducoHL8+3hLV

    Score
    3/10
    • Target

      assets/web/assets/password-41ebda5b.js

    • Size

      634B

    • MD5

      3d3e6cce6e6d525bdcddcf5659a839e0

    • SHA1

      05dd0a4aa3c0b4a1b192e5e352eb5573e0d93f8c

    • SHA256

      c4ab12ba9e4e1510328717c051e2452e5382ab1d86def5de7ddfba2a248d3ece

    • SHA512

      34497902c9b676f70190f3c1317f15f9947b4d7520628905921cb2cc841a7a3d60442285908da761424bb17a282868b4edf65221a964ce1a5e292466918e8256

    Score
    3/10
    • Target

      assets/web/assets/pin-677ef343.js

    • Size

      810B

    • MD5

      030d37427ef02ec9b81bd25485b5493c

    • SHA1

      033f11e9f71ba348a83eed99d114f57ee6f0b6b8

    • SHA256

      24f19c48dbce4e8e71ab15695803129d36e57f66591ff17729c113bacaf54a20

    • SHA512

      203540b6e73d7cb875375a154a4ffcd3e0450009f9f210e9da49390d215c5d5d20fabc493696f56b152378661b0f5bd3fdf90e8e3329507e9deb5496859eb5e2

    Score
    3/10
    • Target

      assets/web/assets/troubleshooting-76080e6f.js

    • Size

      1KB

    • MD5

      fc2080a431af2a636ef454861349b03c

    • SHA1

      153639513e6a83b3afbf58ce00a355edd1618e5d

    • SHA256

      6ad86daab55ca5128d87fa6ba432e771e7269db9bda2123302d8209c76127b1b

    • SHA512

      a8a54cd16487d6e39b01f2f4f1ba4f5faaa60c64dc7ee0ac56c1f9059710b8e71dfd2e9c65b863a63e6586e68959e2b982b34376a3585ceff229f9e9d1558191

    Score
    3/10
    • Target

      assets/web/assets/welcome-6454da3a.js

    • Size

      657B

    • MD5

      4dcbeef21497bee77a58fd94e6ceb9f1

    • SHA1

      d4346bf7f75824ae380bae69bf42e0f21fc62b8b

    • SHA256

      b3c6b3980b5d88dc2d98bd791ff747bf94fb07ab8ed49e450c52a9511b39bb7d

    • SHA512

      4836873bd15891ec31dba1c88bdb283de79e17fdcf22c02cbc3991f59ad3fb4de94978c709d8fee29a8da4825203f8c25cb5145025eb3a8ae8a60172781beec0

    Score
    3/10
    • Target

      assets/web/config.html

    • Size

      54KB

    • MD5

      d7c79c21c960c8212aa65dbd5c834aac

    • SHA1

      aec699f629946181cf1dfce593c3141c2a200fd9

    • SHA256

      6eeec9b3ac6267f2b7a78fed0984d55fc0d281d4f14b450933008403767bfaef

    • SHA512

      ce1469fce5d2ab8f7181392b7ac28727d60b9aa48bc33fba2d9158978d2b118394a20f0b773be28e4caa222ea76f3b77c1d058f1fda1cf781417453400300c33

    • SSDEEP

      1536:nzCdbGOjaaprCc0bDh1eh1ECyVAIbzkFKM6Dom:zDaprCc0bDhO1ECyVAIbzkFKM6Dom

    Score
    3/10
    • Target

      assets/web/index.html

    • Size

      3KB

    • MD5

      4e460bac7a7cc1c0b8f67eebc73f2205

    • SHA1

      57170b42ddeb4296177d16646e3e3780f02b7184

    • SHA256

      2547a2697e344266ca302514ead6fe8b02ca4f8c08417c875ab742526cc278db

    • SHA512

      c5df89254f3ae175906df6a55f0908b7a30c07161fd397f6194bdb5d6a3cea1bb72c217fb338d6ecb52a3f265b67373e3df820aa446af6b86aeaf8f637db3160

    Score
    3/10
    • Target

      assets/web/password.html

    • Size

      3KB

    • MD5

      f1c5d1dab62c3c10ed015b40fb69b1d0

    • SHA1

      bd6d14104b82c0534fa8410cc8951f5cdb8feb81

    • SHA256

      9fa2555ae1b7bb2bec3256ca1fa28e1c4f8a4a30a4591c8f551d5807a7c1c29d

    • SHA512

      197e01bb3fdb19c98ea3620cd5cdc8e8128433b03f18d104ffc9bafe697030e421ae5169628a11714677b2b3cfcc3f6c9cffe667bc22c59818a3794216b908f9

    Score
    3/10
    • Target

      assets/web/pin.html

    • Size

      1KB

    • MD5

      d456ed90392dcc2835afc32edc50116f

    • SHA1

      06a6e5b642c91c216ac1152eed04c1cde3b3127c

    • SHA256

      4ec1049ad14dd47021fbd938b4b76ce3a910df25a7c7f10f86d42257440a5206

    • SHA512

      104bb114df7d465e89d25bbe898f685dda6937895e45c3a8dabfb03322c673e82b3c0d955396d2b0d533ac0cfba50a8b307e240ffb034c9b75d2ff5caff3fb7d

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

evasion, execution, persistence, privilege_escalation
Score
8/10

behavioral10

evasion, execution, persistence, privilege_escalation
Score
8/10

behavioral11

execution
Score
3/10

behavioral12

execution
Score
3/10

behavioral13

execution
Score
3/10

behavioral14

execution
Score
3/10

behavioral15

execution
Score
3/10

behavioral16

execution
Score
3/10

behavioral17

execution
Score
3/10

behavioral18

execution
Score
3/10

behavioral19

execution
Score
3/10

behavioral20

execution
Score
3/10

behavioral21

execution
Score
3/10

behavioral22

execution
Score
3/10

behavioral23

execution
Score
3/10

behavioral24

execution
Score
3/10

behavioral25

discovery
Score
3/10

behavioral26

discovery
Score
3/10

behavioral27

discovery
Score
3/10

behavioral28

discovery
Score
3/10

behavioral29

discovery
Score
3/10

behavioral30

discovery
Score
3/10

behavioral31

discovery
Score
3/10

behavioral32

discovery
Score
3/10