Analysis
max time kernel: 150s
max time network: 147s
platform: windows10-2004_x64
resource: win10v2004-20241007-es
resource tags: arch:x64, arch:x86, image:win10v2004-20241007-es, locale:es-es, os:windows10-2004-x64, system, windows
submitted: 09/11/2024, 19:28
Static task: static1
Behavioral task: behavioral1
Sample: sunshine-windows-installer.exe
Resource: win10v2004-20241007-es
Behavioral task: behavioral2
Sample: sunshine-windows-installer.exe
Resource: win10ltsc2021-20241023-es
General
Target: sunshine-windows-installer.exe
Size: 11.1MB
MD5: 8312c5f6b4975bd773854ed2a60ad055
SHA1: 6993de295c40c9fc81730eec58e0c32b9f6f159d
SHA256: 5608a618bc19fa3e21e6272d91d6443512da3c3965bd62e18092b4c7ec07cd29
SHA512: a09a0009638f871fa4d2eda7863ab53ba1ca8ab8af2d5730a4c84475420faa45aaf3e20dc9cf4ee2b57097f35b6886d5ecb25a1731d0faa37027b90107e42bcb
SSDEEP: 196608:G3U2mDrnyHvZHyrKjS5/DAeT6LC6Gu9WP8EeszDQspgSV/p9gMsy8:YUlIv0rCOrNOWzug07FsSSVey8
Malware Config
Signatures
Loads dropped DLL (4 IoCs)
pid   Process
4284  sunshine-windows-installer.exe
4284  sunshine-windows-installer.exe
4284  sunshine-windows-installer.exe
4284  sunshine-windows-installer.exe
Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s).
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads