158a8552791daf6d1edada33ce30a16fb459b8f585e2c1821e943f973c282e7f

Sharing

Copy URL

Twitter E-mail

General

Target

SA_-_Essentials_Pack.7z
Size

6.4MB
Sample

220906-ad6snacba2
MD5

a7b7b84f066fab602a2b8a5e58cd20b9
SHA1

e6f38a40459cce0f598877aaafb2f92a2005ba01
SHA256

158a8552791daf6d1edada33ce30a16fb459b8f585e2c1821e943f973c282e7f
SHA512

0813b58e8e7984714e966c961f59f026f398d55940f2bac26c83cb5ab9cf02fa6225942e26d0467c0fe63536122dc3ca51dafdfc6f94fd30df93b2960368b545
SSDEEP

196608:7GOAR3QnJb8uXFDsXvFuK51UJocJJVWn/a/:7SJQ986FQXdjq70/S

Score

8^/10

discovery exploit

Malware Config

Targets

- Target
  
  (fix dependencies)/(remove GameUX)/gameux_delet.bat
- Size
  
  254B
- MD5
  
  67684acbd9c065f0d18c47655a41a76a
- SHA1
  
  6fdb8daf3dcaca86f9292c38f7b7bd83f31e662f
- SHA256
  
  0fa8c2d38f5d46715c6d06ff548f74ab664271a078a8f54bdc8fb5fc4c9db8fd
- SHA512
  
  227e685f4685a7dcc2c02fc630116bd5bd2630b4f2bb94c638dd64b1bb38d5e964334fa70dc2c0b4473c4e88a3fe5e101449b72458a79c2235dedc7436990527
Score

8^/10

discovery exploit
- Possible privilege escalation attempt
  exploit
- Modifies file permissions
  discovery
behavioral1 behavioral2
- Target
  
  CLEO.asi
- Size
  
  316KB
- MD5
  
  d229ef391e1777fccdbd639ced98adf8
- SHA1
  
  fb42103dd6d5923b5b7c8015976650d721d4a9b8
- SHA256
  
  ee8cb6b46fe1769b70242c04b35cd3c693d7e6037827e3b72a9314b0314c75a6
- SHA512
  
  1307f000852b4d68c6a08cd58f2a51bd1317ef1cbe478ff55c8624e5fc7526d1d76d52e7780c617139bebb4d40f630f9db87950aa1f2f1e54b87d6bcc3593e6c
- SSDEEP
  
  6144:BG0qgE+M19bCZaOQUrpkb8ZYKV+Jc1VcFcBMuAOkiDiEIc:Bm+I9bKampkb8ycEKl6ibIc
Score

3^/10
behavioral3 behavioral4
- Target
  
  CLEO/CLEO+.cleo
- Size
  
  551KB
- MD5
  
  8e69a27d40b0696ee93b6431eda520f3
- SHA1
  
  a98ce2cb52a510d6574fac2bfd502d0db6b52805
- SHA256
  
  9ea6e022f515efe218e71c109947b47fc1b2d77d0606f3aebfff46da77644658
- SHA512
  
  a4fe031d0b4a3f24fbd2e83fc2b47258a07de8d2072872a0c6e30622e3ce793cee756a69da64b24acf0e61559941558cc1207d03491e5517ade550baed7b12de
- SSDEEP
  
  6144:uIl5Lq8EG3YdMrrwydhvfdyokCpLCbbWRQ8HSXqC3AOwEVWhMHPk+sSwL2k:7HhvfdPkCpL/HSF3amPMZ7L2k
Score

1^/10
behavioral5 behavioral6
- Target
  
  CLEO/FileSystemOperations.cleo
- Size
  
  96KB
- MD5
  
  dd32e5056f698a9b20f4067d478dc208
- SHA1
  
  fb6dc52679d61c1f105747d048890ebe88b6128e
- SHA256
  
  b7b80bc1aad995e7643127a978dfb56bda7fe02ab54879327cfa7baca71bcddf
- SHA512
  
  c8f62211f3a0803192b37b4feb2ac224b157d517fc436c3d84365251910d976a36b8b3fbf7a5db5d7885b17e2097bf5d9bf45ffad0d2137d3918866aba78f3d2
- SSDEEP
  
  1536:N1646XJTx7TIurP6Uw+FkFJ7G8n3xHw/JNm8+uoHPZ+ZFqsWeGcdRZwbTmvR:7646XJdXIuj6RwkFdG8ntw/JWuoHx+X3
Score

1^/10
behavioral7 behavioral8
- Target
  
  CLEO/IniFiles.cleo
- Size
  
  107KB
- MD5
  
  08380cf67b1f269adff0cad2d896da17
- SHA1
  
  5c3d04954db2220a5fca88289699a999173035c4
- SHA256
  
  d9ddde713211eb1341ec7181d0b2d7e487e8c816ced7afadee5d50ef3f37d168
- SHA512
  
  d71fc8cc4cc7c067544dbcc460272e5b4b1ac0aeeb2b27b10510e738feae1ae758fd1382ce1d9a4ecd8efe3d0b9d43cda9402f86c510af163dc16c69534628ef
- SSDEEP
  
  3072:j6/Km3BtmJgUCoHdOKp8Sr0wm0kg5Vf1uuCxQJR/qvOW4J:OqP9R34w95nuuCMo4J
Score

1^/10
behavioral9 behavioral10
- Target
  
  CLEO/IntOperations.cleo
- Size
  
  75KB
- MD5
  
  c0d7ef028aef3ed6308be8a096bc1302
- SHA1
  
  d0207ab48bc6060106fda2b59e787750b850278b
- SHA256
  
  5897bcd19ac9097f3b730c091623c556a176c82af4f97e3a2c483f62f4819f4f
- SHA512
  
  5f2fe0562e3747dffc79734e73c4f11008d535c5fdee9aff00bd015a13208554305e2c0b336f0a0b9e1b95fba89704b1ae4d22413e55a572e30828854bcda142
- SSDEEP
  
  1536:TkNfZREcYu+xGMhkcO2MI9c2uqIHmZUXdsWewcd7+exUX/:TaREcYuFGlO2MQuqIGWex7+exUX/
Score

1^/10
behavioral11 behavioral12
- Target
  
  CrashInfo.SA.asi
- Size
  
  449KB
- MD5
  
  2ff14ecd0de8dd893dac16c72b6488a1
- SHA1
  
  24ab165560f92784701ef56d643923c98e8b1156
- SHA256
  
  98d6277dafd1915795527fc23cfeebd58fae87f4c269761defcaea766156992e
- SHA512
  
  4ebf323ee7ad8ffabe794ea00239cea8ebcdb697cd73cd87b6f840c42cbf5a437beeb7820d07ec17677ab6f6613f6bd317bd29fa527729c31e0e3425e6654427
- SSDEEP
  
  12288:hwuyGdPHY7vsijRsI5yO8pzBlonudLZ2RMGhBlaCJ:htHOvsijRsI5YtZ2qMl
Score

3^/10
behavioral13 behavioral14
- Target
  
  _noDEP.asi
- Size
  
  68KB
- MD5
  
  9ecd4f280066f0148e55add186996a8a
- SHA1
  
  c3f4b0abc27b42606504f878a7e7c9ed933460e8
- SHA256
  
  a7e42a3a7a566ff0e1d45ea605ab5fe67a9b73da7569632a12eb10dba6f5dc93
- SHA512
  
  28a1d84ca51ff8a810c3fa2a18ce11bd33402bca411b657659552962fd2660e8dbe7959d40b763e1ab9f54afa87af1a17eff13f83973e7d4b8a0a93f25be9ee5
- SSDEEP
  
  1536:qyOYgesM6XO3CPl1IZ7zc8Z0rCsWjcd6oSE+:qTfeXDJZ0rt6oSf
Score

1^/10
behavioral15 behavioral16
- Target
  
  bass.dll
- Size
  
  105KB
- MD5
  
  9586e7be6ae8016932038932d1417241
- SHA1
  
  1581bd3d522c083e721f3c190e56b95a935580e0
- SHA256
  
  a3b00967d5c4ef1a2b4980183934d46ef36cee4b3dc1b2a6da1f820d63448390
- SHA512
  
  f99957b01b94cf895641f69bf4788be4496073f054b4cd7c8171f56c15e963ebbb7ee5ca38e2cc9cb651a733b03458344382c41b535c576e0d49a7ba07b672fb
- SSDEEP
  
  3072:tyYiAB2IFLa2e/GFMx8lU5gKDkjm76wdX:tjBNN+G6TKKAqnd
Score

1^/10
behavioral17 behavioral18
- Target
  
  gta_sa.exe
- Size
  
  13.7MB
- MD5
  
  2b5066bd4097ac2944ce6a9cf8fe5677
- SHA1
  
  8c23ceffafa9fd88ea567be7926a33413b8e3c00
- SHA256
  
  f01a00ce950fa40ca1ed59df0e789848c6edcf6405456274965885d0929343ac
- SHA512
  
  eee8ca9a762168607f9820c7779e7831cad778f35708845ab57c9c88a12d79ee5d67dc6d2981085fd69859b248912a49122b2c3dae700232894b6d3a04ec020f
- SSDEEP
  
  196608:qYQnnDbxRXCeeVJGfp/N+AYqyL3TTrbJvvAi80JFCC:qXnDbnyeeVJGfJN+n1r
Score

1^/10
behavioral19 behavioral20
- Target
  
  gta_sa.pdb
- Size
  
  1.9MB
- MD5
  
  e0288df086a13dd6ff9a65d680df95d4
- SHA1
  
  46cf21500c307f8183e71430f8984bf6ed97d408
- SHA256
  
  06026c84b595fbee16737b0c095abba85206a8dc2ae9618cb9d870620370eed4
- SHA512
  
  f528ad3d993fe4abc277331db09f28dd31d0a423bf5dd4c8761c20c85e847a6c371aa621c89e64222a8dcacbe074586ac12f776af51c703d7716c974dafc2292
- SSDEEP
  
  49152:jOD8gkftU5/brZussfusM+KBy+XMTXMfOEj/urE4//hWzXFnZSJ4pgF:YFOE0
Score

3^/10
behavioral21 behavioral22
- Target
  
  libcurl.dll
- Size
  
  416KB
- MD5
  
  5b8418b6382626d07dcb682fa2842785
- SHA1
  
  55e0a4e477a96e1bf2978cf3656b9f7211653f5e
- SHA256
  
  965f1e478aeb607cb92a0a1038136a5959cbcb5b78ab9be749c85f3790c245fd
- SHA512
  
  c6e528fbbe008753708ed7fdc6abb112e8aeb30af85828dcb6f7670814557e77ebe8473c5151595e9d96d9ec4778f18a93adbcd1249fc97f7403d24068abda2f
- SSDEEP
  
  12288:fFgdEnJeZi9X1qDqu42cf/eKnaKtEi5gZEpsRFMj+:DVYDqXVhOi5gZEpsR6
Score

1^/10
behavioral23 behavioral24
- Target
  
  modloader.asi
- Size
  
  684KB
- MD5
  
  7bca6c02c326ad80b51c8ba4a3ab7081
- SHA1
  
  a6a96519e717aca0142199e65812da1f0ed3c6a1
- SHA256
  
  9354beb050850fb4c5188e45241d0aa661b6994b9353064ff1ade90d7aa5fcd8
- SHA512
  
  116da0abf5cac8aca081273d91cd1d0218a93c751fbc3363ec080a0e0d619d4557e09c7eb9e46cc6279a696dfd44a05511657c7acd0ebbb0c7f2661fed848fcd
- SSDEEP
  
  12288:vMDAhe3ck4WxopO1i2gym43apj+ryqetOXNu4khEyXlhR:0DAhe3cJ6Pi2agmqDXNsEo
Score

1^/10
behavioral25 behavioral26
- Target
  
  modloader/.data/plugins/gta3/std.asi.dll
- Size
  
  278KB
- MD5
  
  6213e58c7afebba3c9a544d136867192
- SHA1
  
  dadc7a0b5a7296e0f759fc9e51f4f24a0e435060
- SHA256
  
  08bfaadf62cb8d5e93c9d472f219be3d5fe9e68c8c772cb2aa04942027c802f1
- SHA512
  
  54b9468be330196a98bf8c297c2715b485787034c3fa55440a964bf5e18ca41669bcf4647228363bf1e397f8bd61a6fe9b17cbad5d1b81d357f217c9cc5f4770
- SSDEEP
  
  3072:GV37y2nFTrtRuXDQJmapkdmXvtGtCG3AmGddtxWKcXNTX2XMzwkYRX2nqXEvOYKd:GgiiutIthBCWy4z14z/R74WVKX
Score

3^/10
behavioral27 behavioral28
- Target
  
  modloader/.data/plugins/gta3/std.bank.dll
- Size
  
  287KB
- MD5
  
  b62c4afdd4185dc101a4ef00c2f96df0
- SHA1
  
  354e2a57cb49f5668ca251d0664750a39b631b02
- SHA256
  
  abddfe1f653ed406107eb314072a117173ab821f9f233545e1ba11748c2fd315
- SHA512
  
  d3aba34bd852c6553eea4d7ce3e897d778c141705287a0ec21a479c753181dc83d0adae7da620bdd428f44715174fb67f9f277f6cb922d261f695b0dc085e5a3
- SSDEEP
  
  3072:1OiG1dRjXHysTlVwVwF6Ds7jFQC2mCgKuEGnUCG2Rf4/rVxzFNOcZXJUI3EylyBa:1ORjXBlGwNDhnO2RQfrOeXH
Score

3^/10
behavioral29 behavioral30
- Target
  
  modloader/.data/plugins/gta3/std.data.dll
- Size
  
  3.4MB
- MD5
  
  6071e23e21a6dbf14d1ccc1c40c8999e
- SHA1
  
  66b6296e227deb902bda1aed9282e4d5b599468f
- SHA256
  
  5eabc8cc52967293f061175d40a7537babae8a7e753ccbd6b15ba11ec646fe88
- SHA512
  
  7cbf75f529cce9d70f805056d34e7c0a20797627ad9c2057a1f6640100dc8a5b7537fe1f22cb3f94ec5c9304333f513171d4cc52657634aec97d4eb7ec014c4d
- SSDEEP
  
  49152:DFh0HRTzqNmWjUTfB3MiydxbX04P3ezTOOAXeKugIMD:nyjHG3ezT7Grf
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Permissions Modification

T1222

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Targets

Possible privilege escalation attempt

Modifies file permissions

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32