General

  • Target

    SkyBlade.zip

  • Size

    4.1MB

  • Sample

    220221-t5ja8abffm

  • MD5

    c5359afd864dd39d3ae6488a30db9aaa

  • SHA1

    b5158ef5936ccd36c1877b9d5f9d68445f49a889

  • SHA256

    1032f62ca2ba75d140fa4567d310eac98b910ef087f67fe54684425571e18678

  • SHA512

    b592465e679ee769f097cee2d8f517ec6df1acb1d5d0c1e45404533dd0ac882a1f5a9a4e462396a1982a89f346a2f43c60aa2d4e91b426726150c54d2d883a74

Score
10/10

Malware Config

Targets

    • Target

      RunGame.exe

    • Size

      544KB

    • MD5

      17f9b91cebebf7572306fd0ba41614d8

    • SHA1

      a7c82813a2883fa7ffa096c9d1593dab3295d8f1

    • SHA256

      0ffe907b5c97c43c881a2dd2d3208eb040ef2fba3a980fd6893cd8d122947e77

    • SHA512

      c19d8f7ac625ffc100b93fa721f4538a80de80e09605d0bc69d69e5493a03831b07d9bc392632ffa79a002192c2796992b127a04b012c87209aabb52bdddab8b

    Score
    10/10
    • Suspicious use of NtCreateProcessExOtherParentProcess

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry (T1012): 2

  • System Information Discovery (T1082): 2
