Overview, overview: score 8
Static, static: score 3
$PLUGINSDI...ns.dll, windows7-x64: score 1
$PLUGINSDI...ns.dll, windows10-2004-x64: score 1
$PLUGINSDI...nu.dll, windows7-x64: score 1
$PLUGINSDI...nu.dll, windows10-2004-x64: score 1
$PLUGINSDI...em.dll, windows7-x64: score 1
$PLUGINSDI...em.dll, windows10-2004-x64: score 1
$PLUGINSDI...fo.dll, windows7-x64: score 1
$PLUGINSDI...fo.dll, windows10-2004-x64: score 1
Uninstall.exe, windows7-x64: score 8
Uninstall.exe, windows10-2004-x64: score 8
assets/web...d29.js, windows7-x64: score 3
assets/web...d29.js, windows10-2004-x64: score 3
assets/web...e70.js, windows7-x64: score 3
assets/web...e70.js, windows10-2004-x64: score 3
assets/web...dcb.js, windows7-x64: score 3
assets/web...dcb.js, windows10-2004-x64: score 3
assets/web...a5b.js, windows7-x64: score 3
assets/web...a5b.js, windows10-2004-x64: score 3
assets/web...343.js, windows7-x64: score 3
assets/web...343.js, windows10-2004-x64: score 3
assets/web...e6f.js, windows7-x64: score 3
assets/web...e6f.js, windows10-2004-x64: score 3
assets/web...a3a.js, windows7-x64: score 3
assets/web...a3a.js, windows10-2004-x64: score 3
assets/web...g.html, windows7-x64: score 3
assets/web...g.html, windows10-2004-x64: score 3
assets/web/index.html, windows7-x64: score 3
assets/web/index.html, windows10-2004-x64: score 3
assets/web...d.html, windows7-x64: score 3
assets/web...d.html, windows10-2004-x64: score 3
assets/web/pin.html, windows7-x64: score 3
assets/web/pin.html, windows10-2004-x64: score 3
General
-
Target
sunshine-windows-installer.exe
-
Size
11.1MB
-
Sample
241109-x4at8stkap
-
MD5
8312c5f6b4975bd773854ed2a60ad055
-
SHA1
6993de295c40c9fc81730eec58e0c32b9f6f159d
-
SHA256
5608a618bc19fa3e21e6272d91d6443512da3c3965bd62e18092b4c7ec07cd29
-
SHA512
a09a0009638f871fa4d2eda7863ab53ba1ca8ab8af2d5730a4c84475420faa45aaf3e20dc9cf4ee2b57097f35b6886d5ecb25a1731d0faa37027b90107e42bcb
-
SSDEEP
196608:G3U2mDrnyHvZHyrKjS5/DAeT6LC6Gu9WP8EeszDQspgSV/p9gMsy8:YUlIv0rCOrNOWzug07FsSSVey8
Static task
static1
Behavioral task
behavioral1
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win7-20240708-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
Uninstall.exe
Resource
win7-20240729-en
Behavioral task
behavioral10
Sample
Uninstall.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
assets/web/assets/_plugin-vue_export-helper-fe085d29.js
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
assets/web/assets/_plugin-vue_export-helper-fe085d29.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
assets/web/assets/apps-966a1e70.js
Resource
win7-20241010-en
Behavioral task
behavioral14
Sample
assets/web/assets/apps-966a1e70.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
assets/web/assets/config-f4fb6dcb.js
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
assets/web/assets/config-f4fb6dcb.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
assets/web/assets/password-41ebda5b.js
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
assets/web/assets/password-41ebda5b.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
assets/web/assets/pin-677ef343.js
Resource
win7-20241010-en
Behavioral task
behavioral20
Sample
assets/web/assets/pin-677ef343.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
assets/web/assets/troubleshooting-76080e6f.js
Resource
win7-20240903-en
Behavioral task
behavioral22
Sample
assets/web/assets/troubleshooting-76080e6f.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral23
Sample
assets/web/assets/welcome-6454da3a.js
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
assets/web/assets/welcome-6454da3a.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral25
Sample
assets/web/config.html
Resource
win7-20240708-en
Behavioral task
behavioral26
Sample
assets/web/config.html
Resource
win10v2004-20241007-en
Behavioral task
behavioral27
Sample
assets/web/index.html
Resource
win7-20241010-en
Behavioral task
behavioral28
Sample
assets/web/index.html
Resource
win10v2004-20241007-en
Behavioral task
behavioral29
Sample
assets/web/password.html
Resource
win7-20241023-en
Behavioral task
behavioral30
Sample
assets/web/password.html
Resource
win10v2004-20241007-en
Behavioral task
behavioral31
Sample
assets/web/pin.html
Resource
win7-20240903-en
Behavioral task
behavioral32
Sample
assets/web/pin.html
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
30KB
-
MD5
ff6cb85adb441e639dc58948651d54d2
-
SHA1
2ba0514b1e64ce4c13c987c30f1b6e61225f192c
-
SHA256
bbd81555abbfeff33aacdc8c34c307c2eb680953c7f4c4c02b20a8fe10e88bd6
-
SHA512
bf4c8e862b548011f7d465c82d3c4bc84e7836c4bcd943ffa6dbfbe95d43fc355cf00936cfc4db34822906212bbbc69271f356b74d70051b52cfb9b74f58149d
-
SSDEEP
384:1/YECOP6qzJH9pBaCxuxux1EnQKGwH1BeIkuK3TqN1fbBxDj0OLxmnWvL:1YZqzJH9pix1NVBnkYpbBr2
-
Score
1/10
-
-
Target
$PLUGINSDIR/StartMenu.dll
-
Size
11KB
-
MD5
3e60c0b440b1ecc21d956e83bcba0976
-
SHA1
8fc85b2d7b4192105afc73dec15d49280345e474
-
SHA256
135e5a8272b9732d4b9a798b29adf953b4fe4e802b3f6178896ada530d4ecdfb
-
SHA512
57c879668f28d29d45b91538e27fafa9628881e1423673402579cf670a5a3fdc3b03abb19feea3655969ce8789e18f70508a78d26174add767738821557a8354
-
SSDEEP
192:JLB7OopThbgh9Yoo6sHUzKXW1kOUBo5Boz9c:JLB77p6h91s0zKGWfc
-
Score
1/10
-
-
Target
$PLUGINSDIR/System.dll
-
Size
25KB
-
MD5
853d33d653fb8622e5fd1aa862d07aa0
-
SHA1
310561cc0f30657974ab627a2341adfcec84ab92
-
SHA256
dbeb911118606a36e430e8d8be39e944b80167fb81ccd11c56afafb25747e633
-
SHA512
6d944929b0a4350aba32b28ef9f26d6c8f1a7c44aade158587829101a110ac7d892a9c5ca4ce60945c8cbd63eb0df63c3e8785c871e85ad22635f0ac80dba70a
-
SSDEEP
384:YQi8KP2WPZVVAfsjFMOpIVKGdDWG0OkuK3TZupbm:Y+KP2zEjFMTxWG3kbu
-
Score
1/10
-
-
Target
$PLUGINSDIR/UserInfo.dll
-
Size
7KB
-
MD5
8e1998776ffd1d578a80d603c55721fc
-
SHA1
48ff2d677739d0f34f6c8cda41258af3989f534d
-
SHA256
7616de346ee28e4314d8a5bf67575c0010b1b07c93c6c29798f9106589ba25ae
-
SHA512
90c0800e485bd56177576b1d245457427d15b81b475eca4154a65225b82fe9c2ae7f07b07d48a61a3f622c4b2a2cb0b834a5d0b0b895f5bbf88b5bdead2257eb
-
SSDEEP
96:CMa252x1kO2TPrdKXW3xOgHdjOC2gwNQtyrdUyJx1XW:go7DJKXWDSpJ
-
Score
1/10
-
-
Target
Uninstall.exe
-
Size
216KB
-
MD5
72afe51d21698444e3904aa941f7b7d2
-
SHA1
84aa50e5c9904fb86e3d552ecf7bd06229fe0759
-
SHA256
efe7751908e2c66a1b2de3ca8891836eb66249a2e357b6daa2ba0aad78b19a43
-
SHA512
c61786714a626081d05907dc49d90eeebaa20fc7e65bd8e805ddd92a9274ed909ea59b69741ad47a79bb71bff9fc20039c071b35f896da0903e7f0d60b327a0a
-
SSDEEP
3072:6paNicumFWpTV98xQT+5U5owpwSaceApxleMkoVetpTG4nDKH3fk0amO:fN3umFWfB0QOSampxlHkKe3DKXfkz
-
Modifies Windows Firewall
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
assets/web/assets/_plugin-vue_export-helper-fe085d29.js
-
Size
320KB
-
MD5
6e699a8fbb7fec33cee7e5e64fbae632
-
SHA1
f7a873a9a4db0c54910c295851d4addc839ee3d0
-
SHA256
f409345f492f984e9158de11fce4e061fcf4f0af87e55c4e17773c13c6965a84
-
SHA512
543d241fcfae70afaf75d4ed389be66cb3e9750786c07f1967d8a9d6f57d10d2bba52b0647d5ea8cbd6c2cc24a5e90ff5f46070257822c3c7d34684d363d256e
-
SSDEEP
6144:Nf73RnuBbRqJ3jyDEldItvtq0Sd8fYWOY/ZUz1TnkU9N:Nf8Bbu3jyfrqQfYW+z1TnBN
-
Score
3/10
-
-
Target
assets/web/assets/apps-966a1e70.js
-
Size
83KB
-
MD5
603381020f0223c89acf91351023cdea
-
SHA1
1915905232f6747d8dd9c57f2ebe966704aedb00
-
SHA256
474e52706ea30e7c2521004bcacdc5d36ccfbfe9c21e838b51ce2bd729d24007
-
SHA512
66068ca6b7bb335002d01edb448312b3cfe7c46e22000c94604dd9af9a5057e33c11f31cb131f7623ef48c5694e6370c2f2685f4ab0852268fe935d2504f3d01
-
SSDEEP
1536:Y7xCnNy1EScECpFCW4zsfwVta/KbXFeTxXcaxD94VD4GomTIxnHHSV6Lk:Y0IzrFeZcu94VD45/xnHyR
-
Score
3/10
-
-
Target
assets/web/assets/config-f4fb6dcb.js
-
Size
4KB
-
MD5
ac71847ca3ee0008800c9802f1c72d8f
-
SHA1
db571b16ee3b479591f4990baab3fb66f9106ba0
-
SHA256
dc9e7fbdc9b5f6400a57d66640741ead5eb546aedf28b7c14f5398a064c21b4a
-
SHA512
78d98c4f69ac484c683df5f8e7e811523b0ad5ea39aabe69d865843bede7ba21792567c5c2d2a05a9b9ebfa4ff693ad376e02c304cad17e225a2c54819b29641
-
SSDEEP
96:5Ul/J2Xqdh9nWCbwUxnV3fTEHuQ4OiDGdzC3ss9HLnfzQcG853lx9Ri8DMHKhkYj:5Ur2XqL9n+4vAHuQ4OSGducoHL8+3hLV
-
Score
3/10
-
-
Target
assets/web/assets/password-41ebda5b.js
-
Size
634B
-
MD5
3d3e6cce6e6d525bdcddcf5659a839e0
-
SHA1
05dd0a4aa3c0b4a1b192e5e352eb5573e0d93f8c
-
SHA256
c4ab12ba9e4e1510328717c051e2452e5382ab1d86def5de7ddfba2a248d3ece
-
SHA512
34497902c9b676f70190f3c1317f15f9947b4d7520628905921cb2cc841a7a3d60442285908da761424bb17a282868b4edf65221a964ce1a5e292466918e8256
-
Score
3/10
-
-
Target
assets/web/assets/pin-677ef343.js
-
Size
810B
-
MD5
030d37427ef02ec9b81bd25485b5493c
-
SHA1
033f11e9f71ba348a83eed99d114f57ee6f0b6b8
-
SHA256
24f19c48dbce4e8e71ab15695803129d36e57f66591ff17729c113bacaf54a20
-
SHA512
203540b6e73d7cb875375a154a4ffcd3e0450009f9f210e9da49390d215c5d5d20fabc493696f56b152378661b0f5bd3fdf90e8e3329507e9deb5496859eb5e2
-
Score
3/10
-
-
Target
assets/web/assets/troubleshooting-76080e6f.js
-
Size
1KB
-
MD5
fc2080a431af2a636ef454861349b03c
-
SHA1
153639513e6a83b3afbf58ce00a355edd1618e5d
-
SHA256
6ad86daab55ca5128d87fa6ba432e771e7269db9bda2123302d8209c76127b1b
-
SHA512
a8a54cd16487d6e39b01f2f4f1ba4f5faaa60c64dc7ee0ac56c1f9059710b8e71dfd2e9c65b863a63e6586e68959e2b982b34376a3585ceff229f9e9d1558191
-
Score
3/10
-
-
Target
assets/web/assets/welcome-6454da3a.js
-
Size
657B
-
MD5
4dcbeef21497bee77a58fd94e6ceb9f1
-
SHA1
d4346bf7f75824ae380bae69bf42e0f21fc62b8b
-
SHA256
b3c6b3980b5d88dc2d98bd791ff747bf94fb07ab8ed49e450c52a9511b39bb7d
-
SHA512
4836873bd15891ec31dba1c88bdb283de79e17fdcf22c02cbc3991f59ad3fb4de94978c709d8fee29a8da4825203f8c25cb5145025eb3a8ae8a60172781beec0
-
Score
3/10
-
-
Target
assets/web/config.html
-
Size
54KB
-
MD5
d7c79c21c960c8212aa65dbd5c834aac
-
SHA1
aec699f629946181cf1dfce593c3141c2a200fd9
-
SHA256
6eeec9b3ac6267f2b7a78fed0984d55fc0d281d4f14b450933008403767bfaef
-
SHA512
ce1469fce5d2ab8f7181392b7ac28727d60b9aa48bc33fba2d9158978d2b118394a20f0b773be28e4caa222ea76f3b77c1d058f1fda1cf781417453400300c33
-
SSDEEP
1536:nzCdbGOjaaprCc0bDh1eh1ECyVAIbzkFKM6Dom:zDaprCc0bDhO1ECyVAIbzkFKM6Dom
-
Score
3/10
-
-
Target
assets/web/index.html
-
Size
3KB
-
MD5
4e460bac7a7cc1c0b8f67eebc73f2205
-
SHA1
57170b42ddeb4296177d16646e3e3780f02b7184
-
SHA256
2547a2697e344266ca302514ead6fe8b02ca4f8c08417c875ab742526cc278db
-
SHA512
c5df89254f3ae175906df6a55f0908b7a30c07161fd397f6194bdb5d6a3cea1bb72c217fb338d6ecb52a3f265b67373e3df820aa446af6b86aeaf8f637db3160
-
Score
3/10
-
-
Target
assets/web/password.html
-
Size
3KB
-
MD5
f1c5d1dab62c3c10ed015b40fb69b1d0
-
SHA1
bd6d14104b82c0534fa8410cc8951f5cdb8feb81
-
SHA256
9fa2555ae1b7bb2bec3256ca1fa28e1c4f8a4a30a4591c8f551d5807a7c1c29d
-
SHA512
197e01bb3fdb19c98ea3620cd5cdc8e8128433b03f18d104ffc9bafe697030e421ae5169628a11714677b2b3cfcc3f6c9cffe667bc22c59818a3794216b908f9
-
Score
3/10
-
-
Target
assets/web/pin.html
-
Size
1KB
-
MD5
d456ed90392dcc2835afc32edc50116f
-
SHA1
06a6e5b642c91c216ac1152eed04c1cde3b3127c
-
SHA256
4ec1049ad14dd47021fbd938b4b76ce3a910df25a7c7f10f86d42257440a5206
-
SHA512
104bb114df7d465e89d25bbe898f685dda6937895e45c3a8dabfb03322c673e82b3c0d955396d2b0d533ac0cfba50a8b307e240ffb034c9b75d2ff5caff3fb7d
-
Score
3/10
MITRE ATT&CK Enterprise v15
Execution
Command and Scripting Interpreter: 1
  JavaScript: 1
System Services: 1
  Service Execution: 1
Persistence
Create or Modify System Process: 2
  Windows Service: 2
Event Triggered Execution: 1
  Netsh Helper DLL: 1
Privilege Escalation
Create or Modify System Process: 2
  Windows Service: 2
Event Triggered Execution: 1
  Netsh Helper DLL: 1
Defense Evasion
Impair Defenses: 2
  Disable or Modify System Firewall: 1
Modify Registry: 1