b385ce3e5717c49e2f61516c9f9e68449e111a557979a1f1ac28798d5fba9dc5 | Triage

Resubmissions

03-10-2022 12:20

221003-phxswafbe5 8

03-10-2022 11:32

221003-nnhqgadhgk 8

Sharing

General

Target

Pitch Black.rar
Size

136.6MB
Sample

221003-phxswafbe5
MD5

7378676bff25614a4807c8e387be78e1
SHA1

567b48b370dcd6ff0c84fb03e011d9f0a253d287
SHA256

b385ce3e5717c49e2f61516c9f9e68449e111a557979a1f1ac28798d5fba9dc5
SHA512

19ad0f2a2de0ca31c9692596400a7a920eb7ac216fce04fdcb401ed84405a1ef8a8a2895d730a24c79dcb353c9c20676c9abe76fdb8bd6d75f85297eea1a4074
SSDEEP

3145728:+0Lqp+O0GvoxT6nq0bhk9u8WU31e4Zp+KUkyYjc8VcQBLklmz1:+cqpXognq0Nbm1eK6kyYg87hcmB

Score

8^/10

aspackv2 bootkit persistence spyware stealer

Malware Config

Targets

- Target
  
  Pitch Black/Game.exe
- Size
  
  154KB
- MD5
  
  0be6d562ad1226912a929c9f5494e660
- SHA1
  
  17028bf0dbdba42a904543cad1ec9da1278aca3b
- SHA256
  
  c0f23f8c188c04cced5d8295b773e6bbc6c78afe9050cf0ef13176e26e783a96
- SHA512
  
  35d497c5782a0a7cf20d20bdf10cc5840004752dff16d6d05d559596875e498b8819ed5477188abbdea0a17c9c4b38b4bf7596732dc4a4d293f986abb4696a7e
- SSDEEP
  
  3072:5WK+I+/wslzo5PaLpe5rWhKri38yR8K+:5WK+xZAaqKMi3W
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2
- Target
  
  Pitch Black/Setup.exe
- Size
  
  36.8MB
- MD5
  
  630090a5a0ac61127dd09be7f622de81
- SHA1
  
  997dc4618a87aded201f261f22280446f69591ad
- SHA256
  
  08db81493a2799ca77f5b520461301cad6c8368458d9b410fcb5d72cf98d61d4
- SHA512
  
  e94870cfe18d3ae81e4fee3ec3af6c20dd4177ae35f2c57cb2c0c4f9150ace52725b0e1d8039553ecb95c8cdc6cb39d0c89ee6e944ff3500721117564a8fd4c3
- SSDEEP
  
  393216:PudOqgHWtfcf5DAh9m0LRiHrzSbGpmdXnfbm4vgOEKXDmfB4kpf/ZrYsK1/QYmfh:Pie2YxA1gUuBh/ZrYfCvx0P2P
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral3 behavioral4
- Target
  
  Pitch Black/System/RGSS300.dll
- Size
  
  1.0MB
- MD5
  
  d23975f32833073c1419ae895e3675d1
- SHA1
  
  53c98149c19c2f72119487b95254119ffbb275d7
- SHA256
  
  01a3de497b437634373c524b1b22f3009e76e762fbd5365e89039be6aef2dc2f
- SHA512
  
  ecc165c73f6504db1d77f267aba25f6f743dbbc7822e5fe47452aae4d77247c5e82d973ea7c0c00310ebf9d1f73a594cbea7428428ccb4acf546e73d3979bd67
- SSDEEP
  
  24576:3fFbFtzlEidjRZz6zZvmoXiBf1nH0FDk6:dbFtz+2tgzAwizUe6
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral5 behavioral6
- Target
  
  Pitch Black/System/RGSS301.dll
- Size
  
  1.0MB
- MD5
  
  dd25855ac39d32da033902fc58fa210b
- SHA1
  
  0ffa23a4d0b81438a329258f5c8d3b3403f4aa94
- SHA256
  
  27647690ed16218cd988dd71069fdca67207515b2a2df775be361f0198ab6876
- SHA512
  
  07f7f7cb4eda2165b4b28456fb01d4edea6e3d5f305dde19256865777905a0d0bb1d13ce1194a8639d740f633ccf1507a1b87530644d5e2d512a86829195ae60
- SSDEEP
  
  24576:+pc8WbPqpzFwdPhet279ae3P7zqP2JzCNkX67Flr1nH0F3ia:+pc8W7qEdPhet2hae3HfJR2Uf
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral7 behavioral8

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Process Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

behavioral3

behavioral4

behavioral5

bootkitpersistence

behavioral6

behavioral7

bootkitpersistence

behavioral8