Overview

overview

8

Static

static

EasyAntiCh...up.exe

windows10-1703-x64

1

GameAssembly.dll

windows10-1703-x64

3

Modules/BE4v.dll

windows10-1703-x64

1

UnityCrash...64.exe

windows10-1703-x64

1

UnityPlayer.dll

windows10-1703-x64

1

VRCLoader.dll

windows10-1703-x64

1

VRChat.exe

windows10-1703-x64

1

VRChat_Dat...eo.dll

windows10-1703-x64

3

VRChat_Dat...RT.dll

windows10-1703-x64

VRChat_Dat...60.dll

windows10-1703-x64

VRChat_Dat...er.dll

windows10-1703-x64

VRChat_Dat...er.dll

windows10-1703-x64

3

VRChat_Dat...ng.dll

windows10-1703-x64

3

VRChat_Dat...in.dll

windows10-1703-x64

1

VRChat_Dat...ss.dll

windows10-1703-x64

1

VRChat_Dat...tor.js

windows10-1703-x64

1

VRChat_Dat...ne.xml

windows10-1703-x64

1

VRChat_Dat...gs.xml

windows10-1703-x64

1

VRChat_Dat...eb.xml

windows10-1703-x64

VRChat_Dat...tor.js

windows10-1703-x64

1

VRChat_Dat...ne.xml

windows10-1703-x64

1

VRChat_Dat...gs.xml

windows10-1703-x64

1

VRChat_Dat...eb.xml

windows10-1703-x64

1

VRChat_Dat...tor.js

windows10-1703-x64

1

VRChat_Dat...ne.xml

windows10-1703-x64

1

VRChat_Dat...gs.xml

windows10-1703-x64

1

VRChat_Dat...eb.xml

windows10-1703-x64

install.exe

windows10-1703-x64

1

launch.exe

windows10-1703-x64

start_prot...me.exe

windows10-1703-x64

1

shrek/bin/...1).dll

windows10-1703-x64

1

shrek/bin/...or.exe

windows10-1703-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    shrek.rar

  • Size

    333.0MB

  • Sample

    221124-3e6hhafd47

  • MD5

    23bf7ac8d3ebc4abfbf40a7feca979dd

  • SHA1

    f673ed2941e33d6e03f25a5348770762db918172

  • SHA256

    71398ec09f40842b05470aad1456b80febc1548c3fd17f576e76dbf67dacc8ee

  • SHA512

    b0e0a7acee5dd32a4cfdf7220bb693a37c3113f786efe71c2868abd87629186d891923c802d02bb03a5ff7bc8d02d9cd17c267d5299914cc4c14e96a66d0df8e

  • SSDEEP

    6291456:pQR3HzpqC01k0AeHPE5IyDQYuDItx3XyoXFq9EitwssLnRG+qQw4/TUav:pQR3HwC0W0AevHyVC59RassLng+LwWTb

Score
8/10
persistence

Malware Config

Targets

    • Target

      EasyAntiCheat/EasyAntiCheat_EOS_Setup.exe

    • Size

      913KB

    • MD5

      04bd7ca3d0145396e0690197307e277d

    • SHA1

      1e29037ea065bcb58df3d40cdb023ef32c61d646

    • SHA256

      f53df42ab575c1ed049d6acbcd24a39e82afb7b6a3d65f6fef211ec5a6c842e4

    • SHA512

      ee66e8ce3c3610eb24a3cb5e35ece4f127939cebbf4275085d665bbe0e27078326f5bb0c2e82adaacd77d580c2515eabdf86943e470415fc71a3a9ecb37fd980

    • SSDEEP

      24576:Y3diFjFZyTE4vttcY+/fpfRnYCKLgXM+TK2zM7Y3:sdUjmFtcY+/fpfRnYCKUXM+TK2I7Y3

    Score
    1/10
    behavioral1

    • Target

      GameAssembly.dll

    • Size

      143.9MB

    • MD5

      7815f56782be8aaaa55356ce9395c458

    • SHA1

      97c56f26be92e4187d9adcbffa67e3b945103c8c

    • SHA256

      9dfaa296c1805e3239c719e4025704f0edc317cdd3055ab32b7b1f05081eb9db

    • SHA512

      8ddda733946c78c24a33ac04c22bc592757feec529e95b02b711e463fbada1b2e91fc7416d20dbd6a21c2bb207e4166cb23a1595bd74c1e6580ad2162579fe4d

    • SSDEEP

      786432:+M1mMZgLB66FiN+EYk2tHKbAsdUPcplTfISSS3:x1mM4B5FClYes3Pc3zS

    Score
    3/10
    behavioral2

    • Target

      Modules/BE4v.dll

    • Size

      708KB

    • MD5

      e84ab2bbd8f34dd9bb878d24fec94cb7

    • SHA1

      15009e786ed25b63cda8aebe15b57299c8faf8e3

    • SHA256

      8d6eeec0961346f0045112d12f6b96c660de485b977fff51e2f8af8d61dc93d8

    • SHA512

      77ec6740cff8f655ce9d156b25c7a8ea2221bdb35221e10686c6f1640fe4c9f30060b4f4fca1bc7f0e2944a0b4eabdb0e975182e8be927dd67c0107ee38b1baf

    • SSDEEP

      12288:BOyzFSiN5JoUK++g8r0jpQtmX5dlGXk6b:0iN5JoLD+/H6b

    Score
    1/10
    behavioral3

    • Target

      UnityCrashHandler64.exe

    • Size

      1.0MB

    • MD5

      aad437a3d3ec7c98bc4adb52b4b52c54

    • SHA1

      ce23738b5007371f19d0cc88b9db597e5fdfea7c

    • SHA256

      3d33d8ad9c3bb11190552a6d50834fb77e8f6e8e7d7e2bb183f8a9430f0129cd

    • SHA512

      c16bd2f450c2075bedfa5c5e8b4ace14b5d7c2b5699f0ba0cab6c86830b691657e4e926268ed0148ca01cef0ccfe353f3e07043876ba27e53ed49a91db91062d

    • SSDEEP

      12288:CzZxqFzFWXEtl0itbpwvegH3rMETGLZoYQ5xE/L:CzZxMzFWmltbpAHXwETGVYxcL

    Score
    1/10
    behavioral4

    • Target

      UnityPlayer.dll

    • Size

      24.9MB

    • MD5

      8accd42a24932442bc3ceba3e426c4f9

    • SHA1

      b0280d3f53ca708c3ff088d253b2fa775e679225

    • SHA256

      38dffe4531aac55bcf33287c2d3713875af554943cc5aba9fdefb9d2e530d4a1

    • SHA512

      b20654957dfe2d21ca9d38930be9d735c76d2ce4eb001d5f36304b3b00dd2b30b29dd9452c074bd2e751e12d6ccd30bfab9a671611b729db29b23e63bf02d8d4

    • SSDEEP

      393216:BNvnrqQU95ox5OZABtAeYPTMClMhU77KSdh3Ptxma:BrTAvoS7L9

    Score
    1/10
    behavioral5

    • Target

      VRCLoader.dll

    • Size

      12KB

    • MD5

      c03930e9489cda040b484ff488049f47

    • SHA1

      f0d8bdcbd5d75062833f9eabadfd8cc2ad82d4cc

    • SHA256

      b6409f2214dc03ac3d50ca8d9954fa2fc87647e746f58ab8c9f877a1add6e4a6

    • SHA512

      cda0daceee1d3ddbf9fa17bcad49144a8628bb0ab4e51b195064097dbf6485cee2af6e1e6879f45eb64759f43f4b0a41ff358d245fb1e4b25f775a17b6b660da

    • SSDEEP

      384:j4fIER5Ri3QRxOufjJsO0SdxoAL6vNWq:OIER5DxBjKfh

    Score
    1/10
    behavioral6

    • Target

      VRChat.exe

    • Size

      635KB

    • MD5

      debf4bb4cff92a804052d10cb13e36a7

    • SHA1

      86d535e56eb2261a0da8bb1e06e022da703ad61b

    • SHA256

      94b8ff2fbdccdd2934b9a4ec37da67e58efd70240fb7f31a3ef3ef90020ada87

    • SHA512

      3cb3fc33d4ef4cb9e8fe6d4b7f76819f6cbef787579fa8fcfa0bb3a2661d6719b48a940a1fe014174cfc059d58fcb24bb492107a5a69405bb2306a441a39d67a

    • SSDEEP

      3072:jys7oYfSbbQTLWuiUg7VsS4jMhN0g1+JVGGljGY:j/7oYfSHQPWTUg4P2+JVNjz

    Score
    1/10
    behavioral7

    • Target

      VRChat_Data/Plugins/x86_64/AVProVideo.dll

    • Size

      1.1MB

    • MD5

      844d88ef08dd38426399edae49d1af6f

    • SHA1

      80e251a5b341050c3fae22493070ae14fbbe5b86

    • SHA256

      4d6d1cd8506fed8169b2c67981691e703fc9860181e78988f7631712095bac7a

    • SHA512

      bdba01544c46e556613acf5fed3c6305c9d424fecf926afebc8eb07ed59f6099ca8e247aa335dc8d32f253af06586d303b1ca7f3dee0edaf34e49e867676eef9

    • SSDEEP

      12288:Pnrj+mapSKqD1jhDg/g1m70jRccXXmZ4p0CM74oJnc7:POkKqD1pg407TcXXeC0CFEc7

    Score
    3/10
    behavioral8

    • Target

      VRChat_Data/Plugins/x86_64/AVProVideoWinRT.dll

    • Size

      335KB

    • MD5

      9d5679c160d97067c913bd67f5411169

    • SHA1

      2cb7e3f3238e0f704a4fb70fa118db295c27a723

    • SHA256

      83bc80bbde3d6d1af749a043c73431d613a150ab1e8a3602083db4ddb09402dc

    • SHA512

      c70f49c6ef0dfe6b877606846f979a85321e83592c47df543785acb508697730ecf353cdfae4f2dda6e73f1b92a998d0bfd695c03a4b79f35df26688030ca24c

    • SSDEEP

      6144:9pe4qD62A0zNbKJs2KEYBxUsUA+iOCIUnkM4Y2:9pe4qD62AIKC2WYslRE5M4

    Score
    1/10
    behavioral9

    • Target

      VRChat_Data/Plugins/x86_64/Audio360.dll

    • Size

      2.6MB

    • MD5

      27837c75e9da6c2f034074da64663577

    • SHA1

      9ad0d586d145b5799a8959e06f4242d18203eda8

    • SHA256

      d650fac4673d8aac3bd7199eba1b171ff76aa59294bbb8d62c0452d672f3a354

    • SHA512

      c1b4b7b20fa9dad166a0709f554cd1ff65ef641673e9a4fb8a2d321c35a53f70640e29f12e7e70b9ebcec59ea1ef44f4b960343a86a4b78d9cb80382e06d00ba

    • SSDEEP

      49152:S6KFt7tg/i0fFh60fMeKdqJjyoo4U+HApIcUadkyqbRsv7:iFtWhJj3oZkykRsv7

    Score
    1/10
    behavioral10

    • Target

      VRChat_Data/Plugins/x86_64/AudioPluginInvalidFilter.dll

    • Size

      128KB

    • MD5

      606a9e3a8deb739e7bdfdedba5f74e7e

    • SHA1

      45904188bc14a02ac57c04eb8010b61ced4916bd

    • SHA256

      e7e291603debd752363b209d708ea0a5a50da77339edc0ac01c326e13e5209c9

    • SHA512

      a058c5d1892c3b89e6f6baa3471820e85bf5f263202864e1805692348e40938930fe5f0e073b60144129eca48fc28755475627f9a32d4e07bb1695783874d923

    • SSDEEP

      3072:8m85qfL1khZQ3cOKlpK+KbpMzvmTLU4T:SSn3cd++KBU

    Score
    1/10
    behavioral11

    • Target

      VRChat_Data/Plugins/x86_64/AudioPluginOculusSpatializer.dll

    • Size

      2.7MB

    • MD5

      87e981c9f90c779f769e73b1d4ce0463

    • SHA1

      5cf9eb9babc895b98a7b007685ed2401df86e597

    • SHA256

      93a46239056031d91a6a20028d76ef7e32d762c1d54288c8931205f2a5df6fdd

    • SHA512

      4773e8f1a77b28015b7c95c24361a3119409cadaebcc3ffabf464e8a3040036c8cfd692d883c83b9d817dde398853d0c4e2191c1fab7efb471acc401dee3c209

    • SSDEEP

      49152:i5ygvxa1wl38UCPV4Ur9LMVu/zsiq81xUA7MdG6pPQBkHm3Vp+8cOFrHJe8YzpjJ:i5ja1w98sC1xUAwdsBkHWVpOOFrHJe84

    Score
    3/10
    behavioral12

    • Target

      VRChat_Data/Plugins/x86_64/EOSSDK-Win64-Shipping.dll

    • Size

      19.0MB

    • MD5

      fd80d4750f452774ca1f63f32e692049

    • SHA1

      0cf82602ad807afcb021d0e706d3cf5af110e9d4

    • SHA256

      d25f056b4e18150562ad5a8a1c3127567d10cda49d3af8e8cb243cd30fe50f9a

    • SHA512

      e2c0d294aeb40c5ef5ce7f73e7dc8edac8d7bb2215982f34a51331af7d49743d4a8ddbb79b86a77d2556909ff3fd1d52be123dc5816495b6ef9e0c3b39ac4744

    • SSDEEP

      393216:Ft+/nb+ZmIuWkFyPuYiQobYwzRM+HXfmzyLEY1vl2qNBBRel3FZ:Ft0FCFZ

    Score
    3/10
    behavioral13

    • Target

      VRChat_Data/Plugins/x86_64/KinectUnityAddin.dll

    • Size

      165KB

    • MD5

      4483c871e97145765eb0cf7e2d6aed4c

    • SHA1

      6726d47b9dccb5091b522ad19cbbbfb0a308fef1

    • SHA256

      e5028c7dcf49ca1aefa03350bfb54ffddce1dc6c02c91fc5a83ea00b9bfe1f55

    • SHA512

      1195540de12f054ee3402d8f40466fe4f6eadac460a45db2f02c24d909360a19e4c2452bf024b00e5ead998249fe208048c538cce8b99ae5b99252d83d5d4f36

    • SSDEEP

      1536:oP4hGsZeT+mm/g+0kTkWrcIvsO3KgAiGInZgsXJDQmNF:uOGvJsrrcI0O3KjInZg2Q

    Score
    1/10
    behavioral14

    • Target

      VRChat_Data/Plugins/x86_64/NativeProcess.dll

    • Size

      11KB

    • MD5

      511b16b450f0621d1755dcd6f32a2ad4

    • SHA1

      a6c34ae22d6fef9359df053d4a8ca208a72c20c3

    • SHA256

      9dd8638cdec61217f1c636cdd556d79453aaf36a52fdf64885553be7a4634774

    • SHA512

      afe3d0101c47c7cadd1a8f57ff165c755ddc563260f40523ff3e83dd7d6e559d8a8fe291a666c0cd98bc950eb2a2798ba8d83c398981b2f36d0023b176e8e4cf

    • SSDEEP

      96:P1dx6GQ/yYWEwuEnCl+g5zPOkRppW01g1ej7J5fX+iWWbAKwzh7Wj7XABJGAiU/i:xE3WmNKYp0qXobzhKy0AiU/

    Score
    1/10
    behavioral15

    • Target

      VRChat_Data/il2cpp_data/etc/mono/2.0/DefaultWsdlHelpGenerator.aspx

    • Size

      59KB

    • MD5

      f7be9f1841ff92f9d4040aed832e0c79

    • SHA1

      b3e4b508aab3cf201c06892713b43ddb0c43b7ae

    • SHA256

      751861040b69ea63a3827507b7c8da9c7f549dc181c1c8af4b7ca78cc97d710a

    • SHA512

      380e97f7c17ee0fdf6177ed65f6e30de662a33a8a727d9f1874e9f26bd573434c3dedd655b47a21b998d32aaa72a0566df37e901fd6c618854039d5e0cbef3f5

    • SSDEEP

      768:6CEPutHjvpMgMwP9h5Ij7khsp/6JtEZwMXVtkUI3t3CXyEyk3VbNbqDvJ4oT1y:/r6CdsCOZwMX3k5dWyklh+Dvbw

    Score
    1/10
    behavioral16

    • Target

      VRChat_Data/il2cpp_data/etc/mono/2.0/machine.config

    • Size

      28KB

    • MD5

      cad24142abba464dd90777c3d347ef88

    • SHA1

      d8db7111fce5a08d8b7c9a6e1e0ad2fbf34cfe12

    • SHA256

      edc5bcf685d930a607bc097927260a3f9ac7f52dd809db68158298bfd934b7ce

    • SHA512

      5d3ee2ee7921c95cc30790ae670fcadcf091d4fa1b9b5e1b9c7500c67230abe25467236ed160c51aa662e764ccea10e4955887359a65b09432b727abf27f8454

    • SSDEEP

      384:PbBtBtWR5RwRqrR2RN3RPfRaRvRyRaRIKbX/y4RpQXWBE43g:DuY

    Score
    1/10
    behavioral17

    • Target

      VRChat_Data/il2cpp_data/etc/mono/2.0/settings.map

    • Size

      2KB

    • MD5

      22c818a23169e12bd3c8587b6394c731

    • SHA1

      dd2be2dbccd34736719301aee92429d4258ea5a0

    • SHA256

      49c6160f9d54af4270a3b4e997fc4a8301f79b9e2070118fa46ddbcbbc44f9a2

    • SHA512

      c1352e817e01277413a1790a94a4f979dc1b8333874fef28d735441c034c97bf8ce501fd9cd04c47d25541a0c1d54fcd4dd3bee9ac3e8fbde83ada9a1d2662d7

    Score
    1/10
    behavioral18

    • Target

      VRChat_Data/il2cpp_data/etc/mono/2.0/web.config

    • Size

      11KB

    • MD5

      2b6303c4f12762b71051db6e947f90a4

    • SHA1

      a4d7e05516f63d6ab67327b299d4fb2852cb840b

    • SHA256

      3c1a76a5849074b437d297656a208a3bef6d84b982153542b9c797046c601dfc

    • SHA512

      80f5da60654e1851ef21526e434b32d94e18883a08bacbbaa0e1f85b80469c46510b6ddb9b429f16cc4be89c6f2bb2627bbae9cb1d0c7e45b665efb7721c6d86

    • SSDEEP

      192:wcedeaZ0sEMYaWN5bs6yyzEVkEYEG/Z1f5v6CuCCrtQzPwkP/waeKjy:wj5YaWPs6/1zwya

    Score
    1/10
    behavioral19

    • Target

      VRChat_Data/il2cpp_data/etc/mono/4.0/DefaultWsdlHelpGenerator.aspx

    • Size

      59KB

    • MD5

      f7be9f1841ff92f9d4040aed832e0c79

    • SHA1

      b3e4b508aab3cf201c06892713b43ddb0c43b7ae

    • SHA256

      751861040b69ea63a3827507b7c8da9c7f549dc181c1c8af4b7ca78cc97d710a

    • SHA512

      380e97f7c17ee0fdf6177ed65f6e30de662a33a8a727d9f1874e9f26bd573434c3dedd655b47a21b998d32aaa72a0566df37e901fd6c618854039d5e0cbef3f5

    • SSDEEP

      768:6CEPutHjvpMgMwP9h5Ij7khsp/6JtEZwMXVtkUI3t3CXyEyk3VbNbqDvJ4oT1y:/r6CdsCOZwMX3k5dWyklh+Dvbw

    Score
    1/10
    behavioral20

    • Target

      VRChat_Data/il2cpp_data/etc/mono/4.0/machine.config

    • Size

      32KB

    • MD5

      24c866ce8037fcdca2287234eddff637

    • SHA1

      9245befcd116458e9619694f1a785c50fa61b58e

    • SHA256

      6919d5af506aae0d93e91bd83418a81895a5554b9f54cf94aad20d025a4db664

    • SHA512

      f9960b5d5e7db35fe4a492dbba1f90cd0f0f0c4d84349baf33de3a941de57cffdec670b5be9862306503f7b5d57a697208921e7099cea13d4daf3310840ff4d2

    • SSDEEP

      384:PbtltttttSRtNRtcRtGrRtSRtBDRp5Rt70gRt2RtTf1RDRty6ugyunHMSeuWuGR0:7Kn

    Score
    1/10
    behavioral21

    • Target

      VRChat_Data/il2cpp_data/etc/mono/4.0/settings.map

    • Size

      2KB

    • MD5

      ba17ade8a8e3ee221377534c8136f617

    • SHA1

      8e17e2aec423a8e6fb43e8cbe6215040217bb8a3

    • SHA256

      ce1db1ad8a9512073164e3eccdc193f7eda036e1a9733caec4635de21b2865c8

    • SHA512

      c18bcbcbd4b9a20a72b1a934d70db1eafef047f34f3ba2c6357d8e3afed07ecaab861e5571ceb58c22d4d3e5ebb34b51e366a0553c3153fbc263d1d80472e297

    Score
    1/10
    behavioral22

    • Target

      VRChat_Data/il2cpp_data/etc/mono/4.0/web.config

    • Size

      18KB

    • MD5

      b127480ee9f0b8dab6a3f73ad79dd332

    • SHA1

      7d776d730cbd253564713f36573dd8366782788c

    • SHA256

      f1a6416eeedd9d040387fd85dcf7d6e074b6644c6829d08be220ff9fc32efb31

    • SHA512

      00ddca43ad38127cf71477810c46617fc2ccdc33f197e26ba761151107eff701fec2caa51e43575fb5b4fbc11f640f525ba70b6b3e97811cecabc63773492401

    • SSDEEP

      384:lJJuAr8F1mJ1ayCk5+HK5YaW41DBWTwahst/tlLvSqwwU4FVXaS7L3nHIXYFXc//:jbpJX91Xbi

    Score
    1/10
    behavioral23

    • Target

      VRChat_Data/il2cpp_data/etc/mono/4.5/DefaultWsdlHelpGenerator.aspx

    • Size

      59KB

    • MD5

      f7be9f1841ff92f9d4040aed832e0c79

    • SHA1

      b3e4b508aab3cf201c06892713b43ddb0c43b7ae

    • SHA256

      751861040b69ea63a3827507b7c8da9c7f549dc181c1c8af4b7ca78cc97d710a

    • SHA512

      380e97f7c17ee0fdf6177ed65f6e30de662a33a8a727d9f1874e9f26bd573434c3dedd655b47a21b998d32aaa72a0566df37e901fd6c618854039d5e0cbef3f5

    • SSDEEP

      768:6CEPutHjvpMgMwP9h5Ij7khsp/6JtEZwMXVtkUI3t3CXyEyk3VbNbqDvJ4oT1y:/r6CdsCOZwMX3k5dWyklh+Dvbw

    Score
    1/10
    behavioral24

    • Target

      VRChat_Data/il2cpp_data/etc/mono/4.5/machine.config

    • Size

      33KB

    • MD5

      0869544722561f5aff0eefc83fc7b001

    • SHA1

      1e118f4b5c1c6a7b1858e3fccb1b1d1095561976

    • SHA256

      ef9b9387168fd1dd6c996f96c134d9c44f8eb06f9587004bf997252a520182d6

    • SHA512

      ced7c9a5363cabdb87b01ed6b4ca190a690640dddf5cbcc0438acdc611a8ee942cb6cd73c78d3fc2d59f70171f22ac832a10b1e23758dc92599ee24acd978ac2

    • SSDEEP

      384:PbtltttttSRtNRtcRtGrRtSRtTf5Rt70zDgRt2Rtuj4f1RDRty6ugyunHMSeuWuh:dkn

    Score
    1/10
    behavioral25

    • Target

      VRChat_Data/il2cpp_data/etc/mono/4.5/settings.map

    • Size

      2KB

    • MD5

      ba17ade8a8e3ee221377534c8136f617

    • SHA1

      8e17e2aec423a8e6fb43e8cbe6215040217bb8a3

    • SHA256

      ce1db1ad8a9512073164e3eccdc193f7eda036e1a9733caec4635de21b2865c8

    • SHA512

      c18bcbcbd4b9a20a72b1a934d70db1eafef047f34f3ba2c6357d8e3afed07ecaab861e5571ceb58c22d4d3e5ebb34b51e366a0553c3153fbc263d1d80472e297

    Score
    1/10
    behavioral26

    • Target

      VRChat_Data/il2cpp_data/etc/mono/4.5/web.config

    • Size

      18KB

    • MD5

      08101241b15b53ef0ab908f6d388881f

    • SHA1

      ea3e2ad6d71d483c54b12852dcbdcd0baa569988

    • SHA256

      15a2c7a9242bf54d3ccb3e07fa6d8f84ba8b303d8877243787a1103009941bdb

    • SHA512

      a1ee7f17bb069ac42483d1f98ca839ff1bd06f3fc15cd379dff4aca3732a5dac24dc17e15acc8f8fa39e60e186219f4fd70664f9ea284002274a4ff8609791ed

    • SSDEEP

      384:lJJuAr8F1mJ1ayCk5+HK5YaW41DBWTwa6st/tlLvSqwwU4FVXaS7L3nHIXYFXc//:jbpJi91Xbi

    Score
    1/10
    behavioral27

    • Target

      install.exe

    • Size

      14KB

    • MD5

      942e4fb44758825919050799067da1b1

    • SHA1

      8805c5d8a7cfa59acec65994b19dca80ee0b03cb

    • SHA256

      6050219bcfca1243ed88d0d9f3046591365b192a2930819e84f3a8582a310373

    • SHA512

      6f429fdada238fd6e7876a6360510ed3444ec3b212a5e29a1a0137fe8569a74caf450cbcf57c0d3f0aa3035ae6a68e986150f37f07338c7d31bedee261f54ad9

    • SSDEEP

      384:sUGKSdRJHK2W9jUGTpwl3A45xexdyWNvwfkx:FGjHK2bU0ayWNvt

    Score
    1/10
    behavioral28

    • Target

      launch.exe

    • Size

      561KB

    • MD5

      6086fa754f6cce03b50f66fb84511b00

    • SHA1

      c34e1f1d2c737e33b15accdd8b3106bcbef33b63

    • SHA256

      8aefd8f5b33f0583305a71ca8416385d70a509fa878d2b77be5c11a003485f3d

    • SHA512

      dcde8d328c6cfc6a40aa112bb697555b9e425ae35412fdd3efb01eddd29dbef09c80fdf8c7e5d3ce698683438b114a5b8f3b48437742543db195f473a1bd7890

    • SSDEEP

      768:ejkKE2A7VlH0+iD000jGYpijAtgHHFNfVIh19HN24gkgt1xi0enQpkgV3EXxctFq:etek+CeVGxJsdYWzL

    Score
    1/10
    behavioral29

    • Target

      start_protected_game.exe

    • Size

      3.3MB

    • MD5

      86c5bf05043374f9e2a9a726ffaa7acf

    • SHA1

      7d401abe97f43a1eefc9a0080583d138f32a41d7

    • SHA256

      dd04bc0361d35fce36861caff8c098856a99cb2c0c1288145c460198bc1c0c4b

    • SHA512

      dcfe52b6b5266191cf4af8708c0a40748167ae5ec0714e9677c8ea18f0c32d7a7bcfa7dd40289d12aa359c4c1f35171b1325450484fe5e8dd3bb858ba8c419dd

    • SSDEEP

      49152:2OCOmzqbqKqNkLm2h/wJsKTruy3wrgktVic3HDz5DMcRc/s+kobXnz/q/xnd/c/T:+OzqrkL6ruygrjVic3HJCfgqFjt

    Score
    1/10
    behavioral30

    • Target

      shrek/bin/test (1).dll

    • Size

      95KB

    • MD5

      75f949b07f92594701e77fb1d9e025dd

    • SHA1

      2bf26c80511f9ba54f72bb04a3679e6c52ecb3f3

    • SHA256

      5cdeb4c219dcd6eb348e45d252648b80da186b7e99b01c249bc7f74f10b8cbd8

    • SHA512

      d92ad5584a84f6678e114cb39da7330eb300284693437f4224d89c6cc9ff5817bc5e3abb19899993e3275c906e55ce48dc91607fabc8e535d9aee02108310905

    • SSDEEP

      768:GmSK214WThhNyWT9WGdev3xkdbyFA1kQ3rqVaRB84TpbzlCxA:GL14WPp9WOev3xje1kYq8RB84TpbpY

    Score
    1/10
    behavioral31

    • Target

      shrek/bin/vxcs injector.exe

    • Size

      1.3MB

    • MD5

      1935b8d5377e4686fb0d63b15f945177

    • SHA1

      004816bbce0fcd5af209d632a4a91772406b3bbd

    • SHA256

      7f74a54ab8c6cfff77d857e4b8c4b9fdb95a701569d007c8886b343d55870b0f

    • SHA512

      63555e46838dd361f038de3126cfdb09fcd5a7a5ecf17d92dd9a11cba6a63bbef7e8884dbfd6dcd1c0dc314603115999178379341325bd91bf7e4b95d01ee740

    • SSDEEP

      24576:iOrbmLRnpJx7/EEjXvRvItZJdX3p9hHPcrfd4JW+9:iOrslt7ME7Jvw/9tS4s+

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Sets service image path in registry

      persistence

    • Loads dropped DLL

    behavioral32

MITRE ATT&CK Enterprise v6

Tasks