bf643d2d4970a0bb9696ae49f00acea8dbab0ca76c5ed1aac98f396fc8f38ab2 | Triage

Resubmissions

18-10-2022 07:59

221018-jvd9eafcdq 6

18-10-2022 07:52

221018-jqp54sfab8 8

17-10-2022 17:05

221017-vmcamacde2 8

Sharing

General

Target

1666026281.rar
Size

7.4MB
Sample

221018-jqp54sfab8
MD5

60398a47695dc8864e81c6714aafd702
SHA1

6cb066629fffa982366e28a6d25118115be897ce
SHA256

bf643d2d4970a0bb9696ae49f00acea8dbab0ca76c5ed1aac98f396fc8f38ab2
SHA512

fe235209ce6722988e71984bf1a1409cbafbd285ccbcb917d10ca8f109492ab7da037b8f38da95589153f83ddf3b4de4233628f347e4f69a35f6bbfd05b62a3b
SSDEEP

196608:rNJI/w1goD7hYr7fZPVQxxrmSe6G23wrj1XFU1wIxryVKFAWVJC:6TKQPuDSSOz1XCLrGQ3Vc

Score

8^/10

spyware

Malware Config

Targets

- Target
  
  Meta World Launcher beta.exe
- Size
  
  712.3MB
- MD5
  
  3cc7c90b6e6ed6719be20510857e6267
- SHA1
  
  55634d10827ba52f57d757c6f4c32525cd0386b0
- SHA256
  
  7a2f2553d96eb5b9b56169dc1ae83500b23d821529e627c54e867d21973cbc4b
- SHA512
  
  fe07a83d3885e2f0dad27334b035ab3f5596c61364a5282a893084ea9b334e353c1b8e8ee8fe0825fa050b0570842eae1f334e9bfd6061e4efa079f6d2f9b4d7
- SSDEEP
  
  196608:wYfg0UGi9r7wQ6sRgGQAEctmM5xrdShPO:RZUGCUQ6lkm0rSh
Score

6^/10

spyware
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1
- Target
  
  NET Framework 4.5.exe
- Size
  
  982KB
- MD5
  
  9e8253f0a993e53b4809dbd74b335227
- SHA1
  
  f6ba6f03c65c3996a258f58324a917463b2d6ff4
- SHA256
  
  e434828818f81e6e1f5955e84caec08662bd154a80b24a71a2eda530d8b2f66a
- SHA512
  
  404d67d59fcd767e65d86395b38d1a531465cee5bb3c5cf3d1205975ff76d27d477fe8cc3842b8134f17b61292d8e2ffba71134fe50a36afd60b189b027f5af0
- SSDEEP
  
  24576:3idS2cRQNb9dUcyezFSja7zEwA2BH6SEUVGDKX68zuQm6wwr5mAPepC:SQ2cRQh9GexmCxBxVV56CmWQax
Score

8^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2