Resubmissions

  • 03-10-2022 12:20  221003-phxswafbe5  8
  • 03-10-2022 11:32  221003-nnhqgadhgk  8

General

  • Target: Pitch Black.rar
  • Size: 136.6MB
  • Sample: 221003-nnhqgadhgk
  • MD5: 7378676bff25614a4807c8e387be78e1
  • SHA1: 567b48b370dcd6ff0c84fb03e011d9f0a253d287
  • SHA256: b385ce3e5717c49e2f61516c9f9e68449e111a557979a1f1ac28798d5fba9dc5
  • SHA512: 19ad0f2a2de0ca31c9692596400a7a920eb7ac216fce04fdcb401ed84405a1ef8a8a2895d730a24c79dcb353c9c20676c9abe76fdb8bd6d75f85297eea1a4074
  • SSDEEP: 3145728:+0Lqp+O0GvoxT6nq0bhk9u8WU31e4Zp+KUkyYjc8VcQBLklmz1:+cqpXognq0Nbm1eK6kyYg87hcmB

Malware Config

Targets

    • Target: Pitch Black/Game.exe
    • Size: 154KB
    • MD5: 0be6d562ad1226912a929c9f5494e660
    • SHA1: 17028bf0dbdba42a904543cad1ec9da1278aca3b
    • SHA256: c0f23f8c188c04cced5d8295b773e6bbc6c78afe9050cf0ef13176e26e783a96
    • SHA512: 35d497c5782a0a7cf20d20bdf10cc5840004752dff16d6d05d559596875e498b8819ed5477188abbdea0a17c9c4b38b4bf7596732dc4a4d293f986abb4696a7e
    • SSDEEP: 3072:5WK+I+/wslzo5PaLpe5rWhKri38yR8K+:5WK+xZAaqKMi3W
    • Score: 6/10
    • Writes to the Master Boot Record (MBR)
      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Target: Pitch Black/Game.rgss3a
    • Size: 91.6MB
    • MD5: c58f67f79881e3f790b38e90e2e8f1fa
    • SHA1: c12cc5fc83bdbaf53dd4f402ce3917e66a43b1ee
    • SHA256: c28c046211076958fab1f81f5bfc7724377ecc4bb1afcda4f6b1f4751148be31
    • SHA512: 0647f88686ffa33e0fa493c6b9512a3204758f811767a1c3c6674a60d55b0a7aa288283d96a2a5352c01d0bec438305addef782bad132d4f7510ce2486327a5a
    • SSDEEP: 1572864:sVUOMo7XDaPiqviFbwCtG3f+UjdvuIyBqAVtMIUQ4B3ojTVR+8uexmhYSsbIL:gnvnFvs3fjm3BqAtZNWojJR+8uexmubw
    • Score: 3/10

    • Target: Pitch Black/Setup.exe
    • Size: 36.8MB
    • MD5: 630090a5a0ac61127dd09be7f622de81
    • SHA1: 997dc4618a87aded201f261f22280446f69591ad
    • SHA256: 08db81493a2799ca77f5b520461301cad6c8368458d9b410fcb5d72cf98d61d4
    • SHA512: e94870cfe18d3ae81e4fee3ec3af6c20dd4177ae35f2c57cb2c0c4f9150ace52725b0e1d8039553ecb95c8cdc6cb39d0c89ee6e944ff3500721117564a8fd4c3
    • SSDEEP: 393216:PudOqgHWtfcf5DAh9m0LRiHrzSbGpmdXnfbm4vgOEKXDmfB4kpf/ZrYsK1/QYmfh:Pie2YxA1gUuBh/ZrYfCvx0P2P
    • Score: 7/10
    • Loads dropped DLL
    • Reads user/profile data of web browsers
      Infostealers often target stored browser data, which can include saved credentials etc.

    • Target: Pitch Black/System/RGSS300.dll
    • Size: 1.0MB
    • MD5: d23975f32833073c1419ae895e3675d1
    • SHA1: 53c98149c19c2f72119487b95254119ffbb275d7
    • SHA256: 01a3de497b437634373c524b1b22f3009e76e762fbd5365e89039be6aef2dc2f
    • SHA512: ecc165c73f6504db1d77f267aba25f6f743dbbc7822e5fe47452aae4d77247c5e82d973ea7c0c00310ebf9d1f73a594cbea7428428ccb4acf546e73d3979bd67
    • SSDEEP: 24576:3fFbFtzlEidjRZz6zZvmoXiBf1nH0FDk6:dbFtz+2tgzAwizUe6
    • Score: 6/10
    • Writes to the Master Boot Record (MBR)
      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Target: Pitch Black/System/RGSS301.dll
    • Size: 1.0MB
    • MD5: dd25855ac39d32da033902fc58fa210b
    • SHA1: 0ffa23a4d0b81438a329258f5c8d3b3403f4aa94
    • SHA256: 27647690ed16218cd988dd71069fdca67207515b2a2df775be361f0198ab6876
    • SHA512: 07f7f7cb4eda2165b4b28456fb01d4edea6e3d5f305dde19256865777905a0d0bb1d13ce1194a8639d740f633ccf1507a1b87530644d5e2d512a86829195ae60
    • SSDEEP: 24576:+pc8WbPqpzFwdPhet279ae3P7zqP2JzCNkX67Flr1nH0F3ia:+pc8W7qEdPhet2hae3HfJR2Uf
    • Score: 6/10
    • Writes to the Master Boot Record (MBR)
      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Target: Pitch Black/fonts/VLGothic/LICENSE_E.mplus
    • Size: 375B
    • MD5: 9cb9b5eef336be9d69501fec78b3d4fb
    • SHA1: 4fab4adb4a1e09fda4577670df7fe4f14cb55d18
    • SHA256: 66d1ce3be56b1de04ffe96663d28be3b0ee1bf89985cbfc9a2e728a9ff0d4578
    • SHA512: a3b96e737ecdb47190a39b3bb252234a43dab395f102e460bf703e299a6a35e14b1f784bb832d78d864af8cd5e41ac660e28d41d97fee7ef1be7c931c7cadc4b
    • Score: 3/10

    • Target: Pitch Black/fonts/VLGothic/LICENSE_J.mplus
    • Size: 329B
    • MD5: 3268d6d1d7763b1ddaeb48a0597f86d5
    • SHA1: a01cc8493c04d3ccdefee32c3ac70a1fead18ef9
    • SHA256: bf4c60d392a7d5afefb3cc8f3e5f8dc37b8ed2b1f69b5373cfbcb351a0ba7013
    • SHA512: 8a837fbccd557761505c565b0fd831930bd839d91972d9980fe559cc5ffc601b4d23fe5e0cfdde946192494db50410dbaefc7228fb3f0da7f56fe551b2770bad
    • Score: 3/10

    • Target: Pitch Black/fonts/VLGothic/README_E.mplus
    • Size: 2KB
    • MD5: 39cc4307fd0d939299747c8ef6bef0bd
    • SHA1: 825080c1c50a23ad9c477a1e7e6e4b477f2838c8
    • SHA256: b59bc9eabd82dad38f3c879be7d9a75f7cac55f4c53d18d104a0386f163bece5
    • SHA512: df43262bd01fc7fd32a1fadd07d514151e25b7e79c02061ab71d83ea2eceb8955cb7d55312fa4ea6c9fd7603464ba65c4fa6228bc940c72b9a5601e675522a85
    • Score: 3/10

    • Target: Pitch Black/fonts/VLGothic/README_J.mplus
    • Size: 4KB
    • MD5: 8eeaf34958de7fc015d65c248304a29d
    • SHA1: 370c30acfa0fbf65bbca114f378b78b9a5b90471
    • SHA256: 70ba28b1e56170001b7ab5959f72c5f7b2380bc10c59776d5ef7a9e11c9c17eb
    • SHA512: b38820fe66ad7eabc1fe779877f5309691f20c4b78d679457df3ac15bbe73d5b7135010247e71f3654f1580769858dd71c2a45e1f83c0b83290864726051cf03
    • SSDEEP: 48:Bz1fp34QMIUIEpqtj1FfDfWq/HISf8tdQcy8/wQt0Yao9xHPpsbMs7ryWDf6b:Bz1fp34IUIE4t1lz/UP+mpAryAfa
    • Score: 3/10

MITRE ATT&CK Matrix (ATT&CK v6)

  • Persistence: Bootkit, T1067 (3)
  • Credential Access: Credentials in Files, T1081 (1)
  • Discovery: System Information Discovery, T1082 (5); Process Discovery, T1057 (1)
  • Collection: Data from Local System, T1005 (1)
