Overview

overview

8

Static

static

Game Loader.bin.exe

windows7_x64

8

Game Loader.bin.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Game Loader.bin.zip

  • Size

    76KB

  • Sample

    210727-w1t11j882n

  • MD5

    d82326969c10c327bf4c0424558b7a7c

  • SHA1

    4674b26dfc87be51833be06d49ccf447fc5b1903

  • SHA256

    3290d73a0b99c4b53319737b1c6ef7e4347ad342c6ab8656f656e58e8d74aa65

  • SHA512

    6b32c14199d1a858485f8ebac328221353df6b7fd18a236255123bd63c4473abe80941e84cd4523709e39e858d366245b264f5ea4ac72708f5c8e7ee07c47573

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      Game Loader.bin

    • Size

      164KB

    • MD5

      2db4d78b81c809eecfa43b9dadfa21cb

    • SHA1

      c2c2b5e93a51d59594fc81b912fdb579f78b3c24

    • SHA256

      26cce10b3769c83798a2b6a000ca438f2e8fd98817bee9fad223157543b97483

    • SHA512

      41de2a56a7f19bf5cbe0b2050fc1bd1ab835372adf6e15bd3ca36f68b120d4ceafb6c574b9dbeb9f11e9a99fcbbf20edd3280218c5df12478ca69989c59b5f24

    Score
    8/10
    persistenceupx

    • Executes dropped EXE

    • Modifies Installed Components in the registry

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

2
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks